CVE-2025-71180
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2026-01-31

Last updated on: 2026-03-25

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: counter: interrupt-cnt: Drop IRQF_NO_THREAD flag An IRQ handler can either be IRQF_NO_THREAD or acquire spinlock_t, as CONFIG_PROVE_RAW_LOCK_NESTING warns: ============================= [ BUG: Invalid wait context ] 6.18.0-rc1+git... #1 ----------------------------- some-user-space-process/1251 is trying to lock: (&counter->events_list_lock){....}-{3:3}, at: counter_push_event [counter] other info that might help us debug this: context-{2:2} no locks held by some-user-space-process/.... stack backtrace: CPU: 0 UID: 0 PID: 1251 Comm: some-user-space-process 6.18.0-rc1+git... #1 PREEMPT Call trace: show_stack (C) dump_stack_lvl dump_stack __lock_acquire lock_acquire _raw_spin_lock_irqsave counter_push_event [counter] interrupt_cnt_isr [interrupt_cnt] __handle_irq_event_percpu handle_irq_event handle_simple_irq handle_irq_desc generic_handle_domain_irq gpio_irq_handler handle_irq_desc generic_handle_domain_irq gic_handle_irq call_on_irq_stack do_interrupt_handler el0_interrupt __el0_irq_handler_common el0t_64_irq_handler el0t_64_irq ... and Sebastian correctly points out. Remove IRQF_NO_THREAD as an alternative to switching to raw_spinlock_t, because the latter would limit all potential nested locks to raw_spinlock_t only.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-31
Last Modified
2026-03-25
Generated
2026-06-16
AI Q&A
2026-01-31
EPSS Evaluated
2026-06-15
NVD
CVE-2025-71180
EUVD
EUVD-2025-206595
Affected Vendors & Products
Showing 14 associated CPEs
Vendor Product Version / Range
linux linux_kernel 5.13
linux linux_kernel 6.19
linux linux_kernel 6.19
linux linux_kernel 6.19
linux linux_kernel 6.19
linux linux_kernel 6.19
linux linux_kernel From 6.13 (inc) to 6.18.6 (exc)
linux linux_kernel From 6.2 (inc) to 6.6.121 (exc)
linux linux_kernel From 6.7 (inc) to 6.12.66 (exc)
linux linux_kernel From 5.16 (inc) to 6.1.161 (exc)
linux linux_kernel 6.19
linux linux_kernel 6.19
linux linux_kernel 6.19
linux linux_kernel From 5.13.1 (inc) to 5.15.198 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability in the Linux kernel involves improper handling of interrupt request (IRQ) flags, specifically the IRQF_NO_THREAD flag. An IRQ handler can either use IRQF_NO_THREAD or acquire a spinlock (spinlock_t), but not both. The issue arises because using IRQF_NO_THREAD alongside locking mechanisms can cause invalid wait contexts and potential deadlocks or kernel bugs. The fix involves dropping the IRQF_NO_THREAD flag to avoid conflicts with raw spinlocks and nested locking scenarios.

Impact Analysis

This vulnerability can lead to kernel instability, including invalid wait contexts and potential deadlocks when interrupt handlers improperly acquire locks. This can cause system crashes or unpredictable behavior in the Linux kernel, affecting system reliability and availability.

Mitigation Strategies

The vulnerability is resolved by removing the IRQF_NO_THREAD flag as an alternative to switching to raw_spinlock_t. Therefore, immediate mitigation involves updating the Linux kernel to a version where this fix is applied, ensuring that IRQ handlers do not use the IRQF_NO_THREAD flag improperly and avoid invalid wait contexts.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-71180. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart