CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2025-37802: ksmbd: fix WARNING "do not call blocking ops when !TASK_RUNNING"

Description

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: fix WARNING "do not call blocking ops when !TASK_RUNNING"

wait_event_timeout() will set the state of the current
task to TASK_UNINTERRUPTIBLE, before doing the condition check. This
means that ksmbd_durable_scavenger_alive() will try to acquire the mutex
while already in a sleeping state. The scheduler warns us by giving
the following warning:

do not call blocking ops when !TASK_RUNNING; state=2 set at
[<0000000061515a6f>] prepare_to_wait_event+0x9f/0x6c0
WARNING: CPU: 2 PID: 4147 at kernel/sched/core.c:10099 __might_sleep+0x12f/0x160

mutex lock is not needed in ksmbd_durable_scavenger_alive().

Classification

CVE ID: CVE-2025-37802

Affected Products

Vendor: Linux

Product: Linux

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.01% (probability of being exploited)

EPSS Percentile: 1.11% (scored less or equal to compared to others)

EPSS Date: 2025-06-06 (when was this score calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2025-37802
https://git.kernel.org/stable/c/8f805b3746d2f41702c77cba22f94f8415fadd1a
https://git.kernel.org/stable/c/cd161198e091e8a62b9bd631be970ea9a87d2d6a
https://git.kernel.org/stable/c/1df0d4c616138784e033ad337961b6e1a6bcd999

Timeline

2025-05-08 07:40:11 UTC
CVE

ksmbd: fix WARNING "do not call blocking ops when !TASK_RUNNING"