CVE-2025-68168
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-12-16

Last updated on: 2025-12-18

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: jfs: fix uninitialized waitqueue in transaction manager The transaction manager initialization in txInit() was not properly initializing TxBlock[0].waitor waitqueue, causing a crash when txEnd(0) is called on read-only filesystems. When a filesystem is mounted read-only, txBegin() returns tid=0 to indicate no transaction. However, txEnd(0) still gets called and tries to access TxBlock[0].waitor via tid_to_tblock(0), but this waitqueue was never initialized because the initialization loop started at index 1 instead of 0. This causes a 'non-static key' lockdep warning and system crash: INFO: trying to register non-static key in txEnd Fix by ensuring all transaction blocks including TxBlock[0] have their waitqueues properly initialized during txInit().
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-16
Last Modified
2025-12-18
Generated
2026-06-16
AI Q&A
2025-12-16
EPSS Evaluated
2026-06-14
NVD
CVE-2025-68168
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is in the Linux kernel's JFS transaction manager. The issue is that the waitqueue for TxBlock[0] was not initialized properly during transaction manager initialization. When a filesystem is mounted read-only, txBegin() returns tid=0 to indicate no transaction, but txEnd(0) still gets called and tries to access the uninitialized waitqueue TxBlock[0].waitor. This causes a system crash and a lockdep warning. The fix ensures that all transaction blocks, including TxBlock[0], have their waitqueues properly initialized.

Impact Analysis

This vulnerability can cause a system crash when the Linux kernel's JFS transaction manager handles read-only filesystems. Specifically, the uninitialized waitqueue leads to a crash and lockdep warning, potentially causing system instability or downtime.

Mitigation Strategies

To mitigate this vulnerability, update the Linux kernel to a version where the jfs transaction manager initialization bug is fixed. This ensures that TxBlock[0].waitor waitqueue is properly initialized, preventing the crash when txEnd(0) is called on read-only filesystems.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-68168. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart