CVE-2025-71142 (GCVE-0-2025-71142)

Vulnerability from cvelistv5 – Published: 2026-01-14 15:07 – Updated: 2026-01-14 15:07
VLAI?
Title
cpuset: fix warning when disabling remote partition
Summary
In the Linux kernel, the following vulnerability has been resolved: cpuset: fix warning when disabling remote partition A warning was triggered as follows: WARNING: kernel/cgroup/cpuset.c:1651 at remote_partition_disable+0xf7/0x110 RIP: 0010:remote_partition_disable+0xf7/0x110 RSP: 0018:ffffc90001947d88 EFLAGS: 00000206 RAX: 0000000000007fff RBX: ffff888103b6e000 RCX: 0000000000006f40 RDX: 0000000000006f00 RSI: ffffc90001947da8 RDI: ffff888103b6e000 RBP: ffff888103b6e000 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000001 R11: ffff88810b2e2728 R12: ffffc90001947da8 R13: 0000000000000000 R14: ffffc90001947da8 R15: ffff8881081f1c00 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f55c8bbe0b2 CR3: 000000010b14c000 CR4: 00000000000006f0 Call Trace: <TASK> update_prstate+0x2d3/0x580 cpuset_partition_write+0x94/0xf0 kernfs_fop_write_iter+0x147/0x200 vfs_write+0x35d/0x500 ksys_write+0x66/0xe0 do_syscall_64+0x6b/0x390 entry_SYSCALL_64_after_hwframe+0x4b/0x53 RIP: 0033:0x7f55c8cd4887 Reproduction steps (on a 16-CPU machine): # cd /sys/fs/cgroup/ # mkdir A1 # echo +cpuset > A1/cgroup.subtree_control # echo "0-14" > A1/cpuset.cpus.exclusive # mkdir A1/A2 # echo "0-14" > A1/A2/cpuset.cpus.exclusive # echo "root" > A1/A2/cpuset.cpus.partition # echo 0 > /sys/devices/system/cpu/cpu15/online # echo member > A1/A2/cpuset.cpus.partition When CPU 15 is offlined, subpartitions_cpus gets cleared because no CPUs remain available for the top_cpuset, forcing partitions to share CPUs with the top_cpuset. In this scenario, disabling the remote partition triggers a warning stating that effective_xcpus is not a subset of subpartitions_cpus. Partitions should be invalidated in this case to inform users that the partition is now invalid(cpus are shared with top_cpuset). To fix this issue: 1. Only emit the warning only if subpartitions_cpus is not empty and the effective_xcpus is not a subset of subpartitions_cpus. 2. During the CPU hotplug process, invalidate partitions if subpartitions_cpus is empty.
Severity ?
No CVSS data available.
Assigner
References
Impacted products
Vendor Product Version
Linux Linux Affected: f62a5d39368e34a966c8df63e1f05eed7fe9c5de , < 5d8b9d38a7676be7bb5e7d57f92156a98dab39fb (git)
Affected: f62a5d39368e34a966c8df63e1f05eed7fe9c5de , < aa7d3a56a20f07978d9f401e13637a6479b13bd0 (git)
Create a notification for this product.
    Linux Linux Affected: 6.15
Unaffected: 0 , < 6.15 (semver)
Unaffected: 6.18.4 , ≤ 6.18.* (semver)
Unaffected: 6.19-rc4 , ≤ * (original_commit_for_fix)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "kernel/cgroup/cpuset.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "5d8b9d38a7676be7bb5e7d57f92156a98dab39fb",
              "status": "affected",
              "version": "f62a5d39368e34a966c8df63e1f05eed7fe9c5de",
              "versionType": "git"
            },
            {
              "lessThan": "aa7d3a56a20f07978d9f401e13637a6479b13bd0",
              "status": "affected",
              "version": "f62a5d39368e34a966c8df63e1f05eed7fe9c5de",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "kernel/cgroup/cpuset.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.15"
            },
            {
              "lessThan": "6.15",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.18.*",
              "status": "unaffected",
              "version": "6.18.4",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.19-rc4",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.18.4",
                  "versionStartIncluding": "6.15",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.19-rc4",
                  "versionStartIncluding": "6.15",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpuset: fix warning when disabling remote partition\n\nA warning was triggered as follows:\n\nWARNING: kernel/cgroup/cpuset.c:1651 at remote_partition_disable+0xf7/0x110\nRIP: 0010:remote_partition_disable+0xf7/0x110\nRSP: 0018:ffffc90001947d88 EFLAGS: 00000206\nRAX: 0000000000007fff RBX: ffff888103b6e000 RCX: 0000000000006f40\nRDX: 0000000000006f00 RSI: ffffc90001947da8 RDI: ffff888103b6e000\nRBP: ffff888103b6e000 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000001 R11: ffff88810b2e2728 R12: ffffc90001947da8\nR13: 0000000000000000 R14: ffffc90001947da8 R15: ffff8881081f1c00\nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f55c8bbe0b2 CR3: 000000010b14c000 CR4: 00000000000006f0\nCall Trace:\n \u003cTASK\u003e\n update_prstate+0x2d3/0x580\n cpuset_partition_write+0x94/0xf0\n kernfs_fop_write_iter+0x147/0x200\n vfs_write+0x35d/0x500\n ksys_write+0x66/0xe0\n do_syscall_64+0x6b/0x390\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\nRIP: 0033:0x7f55c8cd4887\n\nReproduction steps (on a 16-CPU machine):\n\n        # cd /sys/fs/cgroup/\n        # mkdir A1\n        # echo +cpuset \u003e A1/cgroup.subtree_control\n        # echo \"0-14\" \u003e A1/cpuset.cpus.exclusive\n        # mkdir A1/A2\n        # echo \"0-14\" \u003e A1/A2/cpuset.cpus.exclusive\n        # echo \"root\" \u003e A1/A2/cpuset.cpus.partition\n        # echo 0 \u003e /sys/devices/system/cpu/cpu15/online\n        # echo member \u003e A1/A2/cpuset.cpus.partition\n\nWhen CPU 15 is offlined, subpartitions_cpus gets cleared because no CPUs\nremain available for the top_cpuset, forcing partitions to share CPUs with\nthe top_cpuset. In this scenario, disabling the remote partition triggers\na warning stating that effective_xcpus is not a subset of\nsubpartitions_cpus. Partitions should be invalidated in this case to\ninform users that the partition is now invalid(cpus are shared with\ntop_cpuset).\n\nTo fix this issue:\n1. Only emit the warning only if subpartitions_cpus is not empty and the\n   effective_xcpus is not a subset of subpartitions_cpus.\n2. During the CPU hotplug process, invalidate partitions if\n   subpartitions_cpus is empty."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-14T15:07:55.145Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/5d8b9d38a7676be7bb5e7d57f92156a98dab39fb"
        },
        {
          "url": "https://git.kernel.org/stable/c/aa7d3a56a20f07978d9f401e13637a6479b13bd0"
        }
      ],
      "title": "cpuset: fix warning when disabling remote partition",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2025-71142",
    "datePublished": "2026-01-14T15:07:55.145Z",
    "dateReserved": "2026-01-13T15:30:19.661Z",
    "dateUpdated": "2026-01-14T15:07:55.145Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-71142\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2026-01-14T15:16:04.010\",\"lastModified\":\"2026-01-14T16:25:12.057\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\ncpuset: fix warning when disabling remote partition\\n\\nA warning was triggered as follows:\\n\\nWARNING: kernel/cgroup/cpuset.c:1651 at remote_partition_disable+0xf7/0x110\\nRIP: 0010:remote_partition_disable+0xf7/0x110\\nRSP: 0018:ffffc90001947d88 EFLAGS: 00000206\\nRAX: 0000000000007fff RBX: ffff888103b6e000 RCX: 0000000000006f40\\nRDX: 0000000000006f00 RSI: ffffc90001947da8 RDI: ffff888103b6e000\\nRBP: ffff888103b6e000 R08: 0000000000000000 R09: 0000000000000000\\nR10: 0000000000000001 R11: ffff88810b2e2728 R12: ffffc90001947da8\\nR13: 0000000000000000 R14: ffffc90001947da8 R15: ffff8881081f1c00\\nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\\nCR2: 00007f55c8bbe0b2 CR3: 000000010b14c000 CR4: 00000000000006f0\\nCall Trace:\\n \u003cTASK\u003e\\n update_prstate+0x2d3/0x580\\n cpuset_partition_write+0x94/0xf0\\n kernfs_fop_write_iter+0x147/0x200\\n vfs_write+0x35d/0x500\\n ksys_write+0x66/0xe0\\n do_syscall_64+0x6b/0x390\\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\\nRIP: 0033:0x7f55c8cd4887\\n\\nReproduction steps (on a 16-CPU machine):\\n\\n        # cd /sys/fs/cgroup/\\n        # mkdir A1\\n        # echo +cpuset \u003e A1/cgroup.subtree_control\\n        # echo \\\"0-14\\\" \u003e A1/cpuset.cpus.exclusive\\n        # mkdir A1/A2\\n        # echo \\\"0-14\\\" \u003e A1/A2/cpuset.cpus.exclusive\\n        # echo \\\"root\\\" \u003e A1/A2/cpuset.cpus.partition\\n        # echo 0 \u003e /sys/devices/system/cpu/cpu15/online\\n        # echo member \u003e A1/A2/cpuset.cpus.partition\\n\\nWhen CPU 15 is offlined, subpartitions_cpus gets cleared because no CPUs\\nremain available for the top_cpuset, forcing partitions to share CPUs with\\nthe top_cpuset. In this scenario, disabling the remote partition triggers\\na warning stating that effective_xcpus is not a subset of\\nsubpartitions_cpus. Partitions should be invalidated in this case to\\ninform users that the partition is now invalid(cpus are shared with\\ntop_cpuset).\\n\\nTo fix this issue:\\n1. Only emit the warning only if subpartitions_cpus is not empty and the\\n   effective_xcpus is not a subset of subpartitions_cpus.\\n2. During the CPU hotplug process, invalidate partitions if\\n   subpartitions_cpus is empty.\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/5d8b9d38a7676be7bb5e7d57f92156a98dab39fb\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/aa7d3a56a20f07978d9f401e13637a6479b13bd0\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.