PT-2025-51581 · Linux+4 · Linux Kernel+4

Published

2025-09-18

·

Updated

2026-05-07

·

CVE-2025-68168

CVSS v2.0

4.6

Medium

VectorAV:L/AC:L/Au:S/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description A flaw exists in the Linux kernel's JFS (Journaled File System) transaction manager. The txInit() function does not properly initialize the TxBlock[0].waitor waitqueue, leading to a system crash when txEnd(0) is called on read-only filesystems. Specifically, when a filesystem is mounted read-only, txBegin() returns a transaction ID (tid) of 0, indicating no transaction. However, txEnd(0) is still invoked, attempting to access the uninitialized TxBlock[0].waitor waitqueue through the tid to tblock(0) function. This results in a 'non-static key' lockdep warning and a system crash. The issue is resolved by ensuring all transaction blocks, including TxBlock[0], have their waitqueues properly initialized during txInit().
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Initialization

Weakness Enumeration

CWE-665

Related Identifiers

BDU:2026-01338
CVE-2025-68168
ECHO-EE4F-4DFC-E758
MGASA-2026-0017
MGASA-2026-0018
SUSE-SU-2026:0278-1
SUSE-SU-2026:0281-1
SUSE-SU-2026:0293-1
SUSE-SU-2026:0315-1
SUSE-SU-2026:20477-1
SUSE-SU-2026:20498-1
SUSE-SU-2026:20845-1
SUSE-SU-2026:20876-1
USN-8029-1
USN-8029-2
USN-8029-3
USN-8030-1
USN-8048-1
USN-8095-1
USN-8095-2
USN-8095-3
USN-8095-4
USN-8095-5
USN-8096-1
USN-8096-2
USN-8096-3
USN-8096-4
USN-8096-5
USN-8100-1
USN-8116-1
USN-8125-1
USN-8126-1
USN-8141-1
USN-8163-1
USN-8163-2
USN-8165-1
USN-8243-1
USN-8261-1

Affected Products

Debian
Jfs
Linuxmint
Linux Kernel
Ubuntu