CVE-2025-71180

MEDIUM EPSS 4.5%
Published Jan 31, 20264mo ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Jan 31, 2026 4mo ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: counter: interrupt-cnt: Drop IRQF_NO_THREAD flag An IRQ handler can either be IRQF_NO_THREAD or acquire spinlock_t, as CONFIG_PROVE_RAW_LOCK_NESTING warns: ============================= [ BUG: Invalid wait context ] 6.18.0-rc1+git... #1 ----------------------------- some-user-space-process/1251 is trying to lock: (&counter->events_list_lock){....}-{3:3}, at: counter_push_event [counter] other info that might help us debug this: context-{2:2} no locks held by some-user-space-process/.... stack backtrace: CPU: 0 UID: 0 PID: 1251 Comm: some-user-space-process 6.18.0-rc1+git... #1 PREEMPT Call trace: show_stack (C) dump_stack_lvl dump_stack __lock_acquire lock_acquire _raw_spin_lock_irqsave counter_push_event [counter] interrupt_cnt_isr [interrupt_cnt] __handle_irq_event_percpu handle_irq_event handle_simple_irq handle_irq_desc generic_handle_domain_irq gpio_irq_handler handle_irq_desc generic_handle_domain_irq gic_handle_irq call_on_irq_stack do_interrupt_handler el0_interrupt __el0_irq_handler_common el0t_64_irq_handler el0t_64_irq ... and Sebastian correctly points out. Remove IRQF_NO_THREAD as an alternative to switching to raw_spinlock_t, because the latter would limit all potential nested locks to raw_spinlock_t only.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
4.5% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 14

VendorProductVersionRange
linuxlinux_kernel*≥5.13.1  –  <5.15.198
linuxlinux_kernel*≥5.16  –  <6.1.161
linuxlinux_kernel*≥6.2  –  <6.6.121
linuxlinux_kernel*≥6.7  –  <6.12.66
linuxlinux_kernel*≥6.13  –  <6.18.6
linuxlinux_kernel5.13any
linuxlinux_kernel6.19any
linuxlinux_kernel6.19any
linuxlinux_kernel6.19any
linuxlinux_kernel6.19any
linuxlinux_kernel6.19any
linuxlinux_kernel6.19any
linuxlinux_kernel6.19any
linuxlinux_kernel6.19any

References 6

  • git.kernel.org https://git.kernel.org/stable/c/1c5a3175aecf82cd86dfcbef2a23e8b26d8d8e7c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/23f9485510c338476b9735d516c1d4aacb810d46
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/425886b1f8304621b3f16632b274357067d5f13f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/49a66829dd3653695e60d7cae13521d131362fcd
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/51d2e5d6491447258cb39ff1deb93df15d3c23cb
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ef668c9a2261ec9287faba6e6ef05a98b391aa2b
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/1c5a3175aecf82cd86dfcbef2a23e8b26d8d8e7c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/23f9485510c338476b9735d516c1d4aacb810d46
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/425886b1f8304621b3f16632b274357067d5f13f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/49a66829dd3653695e60d7cae13521d131362fcd
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/51d2e5d6491447258cb39ff1deb93df15d3c23cb
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ef668c9a2261ec9287faba6e6ef05a98b391aa2b
    Patch