CVE-2025-40327
Awaiting Analysis - Queue
BaseFortify

Publication date: 2025-12-09

Last updated on: 2025-12-09

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved:

perf/core: Fix system hang caused by cpu-clock usage

cpu-clock usage by the async-profiler tool can trigger a system hang, which got bisected back to the following commit by Octavia Togami:

18dbcbfabfff ("perf: Fix the POLL_HUP delivery breakage") causes this issue

The root cause of the hang is that cpu-clock is a special type of SW event which relies on hrtimers. The __perf_event_overflow() callback is invoked from the hrtimer handler for cpu-clock events, and __perf_event_overflow() tries to call cpu_clock_event_stop() to stop the event, which calls hrtimer_cancel() to cancel the hrtimer. But that's a recursion into the hrtimer code from a hrtimer handler, which (unsurprisingly) deadlocks.

To fix this bug, use hrtimer_try_to_cancel() instead, and set the PERF_HES_STOPPED flag, which causes perf_swevent_hrtimer() to stop the event once it sees the PERF_HES_STOPPED flag.

[ mingo: Fixed the comments and improved the changelog. ]
Meta Information
Published: 2025-12-09
Last Modified: 2025-12-09
Generated: 2026-05-07
AI Q&A: 2025-12-09
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Currently, no data is known.
CWE ID Description
CWE-UNKNOWN
AI Powered Q&A
Can you explain this vulnerability to me?

This Linux kernel vulnerability is a system hang triggered when the async-profiler tool uses cpu-clock events. cpu-clock is a software event that relies on hrtimers, so its __perf_event_overflow() callback runs inside the hrtimer handler. To stop the event, that callback calls cpu_clock_event_stop(), which in turn cancels the hrtimer. Cancelling the timer from within its own handler recurses into the hrtimer code and deadlocks, hanging the system. The fix uses hrtimer_try_to_cancel() instead and sets the PERF_HES_STOPPED flag, so that perf_swevent_hrtimer() stops the event once it sees the flag, without the recursion.


How can this vulnerability impact me?

This vulnerability can cause the system to hang when cpu-clock usage is triggered by the async-profiler tool. A system hang means the affected Linux system could become unresponsive, potentially leading to downtime, disruption of services, and loss of productivity until the system is rebooted or the issue is resolved.


What immediate steps should I take to mitigate this vulnerability?

The vulnerability is fixed by updating the Linux kernel to a version that includes the patch replacing hrtimer_cancel() with hrtimer_try_to_cancel() and setting the PERF_HES_STOPPED flag to prevent the deadlock. The immediate mitigation step is therefore to update your Linux kernel to a version that contains this fix.

