PT-2025-51627 · Linux+3 · Linux Kernel+3

Published: 2025-12-16 · Updated: 2026-05-07 · CVE-2025-68214

CVSS v3.1: 4.7 (Medium)

Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

A race condition exists in the timer subsystem, specifically in the timer_shutdown_sync() function, that can lead to a kernel warning. It occurs when the timer function pointer is cleared to NULL while the timer is still running on another CPU. A pending timer can then have a NULL function pointer, which triggers a warning in expire_timers(). The root cause is that timer_shutdown_sync() clears the timer function pointer without checking whether the timer is currently running. The fix clears the function pointer only when the timer is detached and leaves it intact while the timer is running, so that the timer can complete properly. The lock_timer_base() and unlock_timer_base() functions manage access to the timer base, expire_timers() handles timer expirations, detach_if_pending() detaches pending timers, and call_timer_fn() executes the timer function.

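The interleaving described above, replayed deterministically as an added userspace model (not kernel code and not part of the original advisory). The names struct model_timer, shutdown_pass(), expire() and replay() are hypothetical, and the starting state, a callback that has already re-armed its timer, is an assumption about how the timer comes to be pending.

```c
#include <stdbool.h>
#include <stddef.h>

/* Userspace model only: names are illustrative, not kernel definitions. */
struct model_timer {
    void (*function)(void);  /* callback; NULL once shut down */
    bool pending;            /* queued for a future expiry */
    bool running;            /* callback executing on another CPU */
};

static void tick(void) {}

/* One locked pass of the shutdown path. fixed=false models the racy code,
 * which clears the pointer even when the timer could not be detached. */
static void shutdown_pass(struct model_timer *t, bool fixed)
{
    bool detached = !t->running;  /* a running timer is left queued */
    if (detached)
        t->pending = false;
    if (!fixed || detached)
        t->function = NULL;
}

/* Expiry: returns true on the state that triggers the warning. */
static bool expire(struct model_timer *t)
{
    if (!t->pending)
        return false;
    t->pending = false;
    if (!t->function)
        return true;         /* pending timer with a NULL function */
    t->function();
    return false;
}

/* Replays the interleaving; returns true if the warning state is hit. */
bool replay(bool fixed, bool *shut_down)
{
    /* Assumed start: callback running on CPU0, timer already re-armed. */
    struct model_timer t = { tick, true, true };
    shutdown_pass(&t, fixed);   /* CPU1 shuts down while CPU0 runs */
    t.running = false;          /* CPU0 callback returns */
    bool warned = expire(&t);   /* next expiry of the re-armed timer */
    shutdown_pass(&t, fixed);   /* sync side retries, nothing running */
    *shut_down = !t.pending && t.function == NULL;
    return warned;
}
```

With fixed=false the replay reaches the warning state; with fixed=true the pointer survives until the timer is detached, and the timer still ends up shut down.
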
Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Race Condition

Weakness Enumeration

Related Identifiers

AZL-72475
CVE-2025-68214
ECHO-E75C-9490-8176
MGASA-2026-0017
MGASA-2026-0018
OESA-2026-1759
OESA-2026-1760
USN-8094-1
USN-8094-2
USN-8094-3
USN-8094-4
USN-8094-5
USN-8095-1
USN-8095-2
USN-8095-3
USN-8095-4
USN-8095-5
USN-8100-1
USN-8125-1
USN-8126-1
USN-8152-1
USN-8165-1
USN-8261-1

Affected Products

Debian
Linuxmint
Linux Kernel
Ubuntu