fkie_cve-2025-37880
Vulnerability from fkie_nvd
Published
2025-05-09 07:16
Modified
2025-05-18 07:15
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: um: work around sched_yield not yielding in time-travel mode sched_yield by a userspace may not actually cause scheduling in time-travel mode as no time has passed. In the case seen it appears to be a badly implemented userspace spinlock in ASAN. Unfortunately, with time-travel it causes an extreme slowdown or even deadlock depending on the kernel configuration (CONFIG_UML_MAX_USERSPACE_ITERATIONS). Work around it by accounting time to the process whenever it executes a sched_yield syscall.
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/887c5c12e80c8424bd471122d2e8b6b462e12874
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/990ddc65173776f1e01e7135d8c1fd5f8fd4d5d2
Impacted products
Vendor Product Version


To clipboard 

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\num: work around sched_yield not yielding in time-travel mode\n\nsched_yield by a userspace may not actually cause scheduling in\ntime-travel mode as no time has passed. In the case seen it appears to\nbe a badly implemented userspace spinlock in ASAN. Unfortunately, with\ntime-travel it causes an extreme slowdown or even deadlock depending on\nthe kernel configuration (CONFIG_UML_MAX_USERSPACE_ITERATIONS).\n\nWork around it by accounting time to the process whenever it executes a\nsched_yield syscall."
    },
    {
      "lang": "es",
      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: um: soluci\u00f3n alternativa para que sched_yield no ceda en modo de viaje en el tiempo. Es posible que la ejecuci\u00f3n de sched_yield por un espacio de usuario no provoque la programaci\u00f3n en modo de viaje en el tiempo, ya que no ha transcurrido tiempo. En el caso observado, parece tratarse de un bloqueo de giro del espacio de usuario mal implementado en ASAN. Desafortunadamente, con el viaje en el tiempo, causa una ralentizaci\u00f3n extrema o incluso un bloqueo, dependiendo de la configuraci\u00f3n del kernel (CONFIG_UML_MAX_USERSPACE_ITERATIONS). Para solucionarlo, se contabiliza el tiempo del proceso cada vez que ejecuta una llamada al sistema sched_yield."
    }
  ],
  "id": "CVE-2025-37880",
  "lastModified": "2025-05-18T07:15:19.287",
  "metrics": {},
  "published": "2025-05-09T07:16:09.257",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/887c5c12e80c8424bd471122d2e8b6b462e12874"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/990ddc65173776f1e01e7135d8c1fd5f8fd4d5d2"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Awaiting Analysis"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.