{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-21767","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-12-29T08:45:45.762Z","datePublished":"2025-02-27T02:18:17.067Z","dateUpdated":"2026-05-12T12:03:49.845Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T21:06:00.251Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nclocksource: Use migrate_disable() to avoid calling get_random_u32() in atomic context\n\nThe following bug report happened with a PREEMPT_RT kernel:\n\n  BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48\n  in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 2012, name: kwatchdog\n  preempt_count: 1, expected: 0\n  RCU nest depth: 0, expected: 0\n  get_random_u32+0x4f/0x110\n  clocksource_verify_choose_cpus+0xab/0x1a0\n  clocksource_verify_percpu.part.0+0x6b/0x330\n  clocksource_watchdog_kthread+0x193/0x1a0\n\nIt is due to the fact that clocksource_verify_choose_cpus() is invoked with\npreemption disabled.  This function invokes get_random_u32() to obtain\nrandom numbers for choosing CPUs.  The batched_entropy_32 local lock and/or\nthe base_crng.lock spinlock in driver/char/random.c will be acquired during\nthe call. In PREEMPT_RT kernel, they are both sleeping locks and so cannot\nbe acquired in atomic context.\n\nFix this problem by using migrate_disable() to allow smp_processor_id() to\nbe reliably used without introducing atomic context. preempt_disable() is\nthen called after clocksource_verify_choose_cpus() but before the\nclocksource measurement is being run to avoid introducing unexpected\nlatency."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["kernel/time/clocksource.c"],"versions":[{"version":"d9b40ebd448e437ffbc65f013836f98252279a82","lessThan":"d9c217fadfcff7a8df58567517d1e4253f3fd243","status":"affected","versionType":"git"},{"version":"7560c02bdffb7c52d1457fa551b9e745d4b9e754","lessThan":"60f54f0d4ea530950549a8263e6fdd70a40490a4","status":"affected","versionType":"git"},{"version":"7560c02bdffb7c52d1457fa551b9e745d4b9e754","lessThan":"852805b6cbdb69c298a8fc9fbe79994c95106e04","status":"affected","versionType":"git"},{"version":"7560c02bdffb7c52d1457fa551b9e745d4b9e754","lessThan":"8783ceeee797d9aa9cfe150690fb9d0bac8cc459","status":"affected","versionType":"git"},{"version":"7560c02bdffb7c52d1457fa551b9e745d4b9e754","lessThan":"cc3d79e7c806cb57d71c28a4a35e7d7fb3265faa","status":"affected","versionType":"git"},{"version":"7560c02bdffb7c52d1457fa551b9e745d4b9e754","lessThan":"0fb534187d2355f6c8f995321e76d1ccd1262ac1","status":"affected","versionType":"git"},{"version":"7560c02bdffb7c52d1457fa551b9e745d4b9e754","lessThan":"6bb05a33337b2c842373857b63de5c9bf1ae2a09","status":"affected","versionType":"git"},{"version":"193e14e68e907b2a7a936a7726accbaa4df25a4d","status":"affected","versionType":"git"},{"version":"155d3c5d24ee13cafa6236b49fc02b240a511d59","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["kernel/time/clocksource.c"],"versions":[{"version":"5.14","status":"affected"},{"version":"0","lessThan":"5.14","status":"unaffected","versionType":"semver"},{"version":"5.10.235","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.179","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.129","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.79","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.12.16","lessThanOrEqual":"6.12.*","status":"unaffected","versionType":"semver"},{"version":"6.13.4","lessThanOrEqual":"6.13.*","status":"unaffected","versionType":"semver"},{"version":"6.14","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.10.50","versionEndExcluding":"5.10.235"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.14","versionEndExcluding":"5.15.179"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.14","versionEndExcluding":"6.1.129"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.14","versionEndExcluding":"6.6.79"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.14","versionEndExcluding":"6.12.16"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.14","versionEndExcluding":"6.13.4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.14","versionEndExcluding":"6.14"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.12.17"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.13.2"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/d9c217fadfcff7a8df58567517d1e4253f3fd243"},{"url":"https://git.kernel.org/stable/c/60f54f0d4ea530950549a8263e6fdd70a40490a4"},{"url":"https://git.kernel.org/stable/c/852805b6cbdb69c298a8fc9fbe79994c95106e04"},{"url":"https://git.kernel.org/stable/c/8783ceeee797d9aa9cfe150690fb9d0bac8cc459"},{"url":"https://git.kernel.org/stable/c/cc3d79e7c806cb57d71c28a4a35e7d7fb3265faa"},{"url":"https://git.kernel.org/stable/c/0fb534187d2355f6c8f995321e76d1ccd1262ac1"},{"url":"https://git.kernel.org/stable/c/6bb05a33337b2c842373857b63de5c9bf1ae2a09"}],"title":"clocksource: Use migrate_disable() to avoid calling get_random_u32() in atomic context","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"title":"CVE Program Container","references":[{"url":"https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html"},{"url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00028.html"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-03T19:37:24.318Z"}},{"x_adpType":"supplier","providerMetadata":{"orgId":"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e","shortName":"siemens-SADP","dateUpdated":"2026-05-12T12:03:49.845Z"},"affected":[{"vendor":"Siemens","product":"SIMATIC S7-1500 CPU 1518-4 PN/DP MFP","versions":[{"status":"affected","version":"V3.1.5","lessThan":"*","versionType":"custom"}],"defaultStatus":"unknown"},{"vendor":"Siemens","product":"SIMATIC S7-1500 CPU 1518-4 PN/DP MFP","versions":[{"status":"affected","version":"V3.1.5","lessThan":"*","versionType":"custom"}],"defaultStatus":"unknown"},{"vendor":"Siemens","product":"SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP","versions":[{"status":"affected","version":"V3.1.5","lessThan":"*","versionType":"custom"}],"defaultStatus":"unknown"},{"vendor":"Siemens","product":"SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP","versions":[{"status":"affected","version":"V3.1.5","lessThan":"*","versionType":"custom"}],"defaultStatus":"unknown"},{"vendor":"Siemens","product":"SIPLUS S7-1500 CPU 1518-4 PN/DP MFP","versions":[{"status":"affected","version":"V3.1.5","lessThan":"*","versionType":"custom"}],"defaultStatus":"unknown"}],"references":[{"url":"https://cert-portal.siemens.com/productcert/html/ssa-082556.html"}]}]}}