Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2025-71117— block: Remove queue freezing from several sysfs store callbacks

EPSS 0.01% · P3
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2025-71117

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
block: Remove queue freezing from several sysfs store callbacks
Source: NVD (National Vulnerability Database)
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: block: Remove queue freezing from several sysfs store callbacks Freezing the request queue from inside sysfs store callbacks may cause a deadlock in combination with the dm-multipath driver and the queue_if_no_path option. Additionally, freezing the request queue slows down system boot on systems where sysfs attributes are set synchronously. Fix this by removing the blk_mq_freeze_queue() / blk_mq_unfreeze_queue() calls from the store callbacks that do not strictly need these callbacks. Add the __data_racy annotation to request_queue.rq_timeout to suppress KCSAN data race reports about the rq_timeout reads. This patch may cause a small delay in applying the new settings. For all the attributes affected by this patch, I/O will complete correctly whether the old or the new value of the attribute is used. This patch affects the following sysfs attributes: * io_poll_delay * io_timeout * nomerges * read_ahead_kb * rq_affinity Here is an example of a deadlock triggered by running test srp/002 if this patch is not applied: task:multipathd Call Trace: <TASK> __schedule+0x8c1/0x1bf0 schedule+0xdd/0x270 schedule_preempt_disabled+0x1c/0x30 __mutex_lock+0xb89/0x1650 mutex_lock_nested+0x1f/0x30 dm_table_set_restrictions+0x823/0xdf0 __bind+0x166/0x590 dm_swap_table+0x2a7/0x490 do_resume+0x1b1/0x610 dev_suspend+0x55/0x1a0 ctl_ioctl+0x3a5/0x7e0 dm_ctl_ioctl+0x12/0x20 __x64_sys_ioctl+0x127/0x1a0 x64_sys_call+0xe2b/0x17d0 do_syscall_64+0x96/0x3a0 entry_SYSCALL_64_after_hwframe+0x4b/0x53 </TASK> task:(udev-worker) Call Trace: <TASK> __schedule+0x8c1/0x1bf0 schedule+0xdd/0x270 blk_mq_freeze_queue_wait+0xf2/0x140 blk_mq_freeze_queue_nomemsave+0x23/0x30 queue_ra_store+0x14e/0x290 queue_attr_store+0x23e/0x2c0 sysfs_kf_write+0xde/0x140 kernfs_fop_write_iter+0x3b2/0x630 vfs_write+0x4fd/0x1390 ksys_write+0xfd/0x230 __x64_sys_write+0x76/0xc0 x64_sys_call+0x276/0x17d0 do_syscall_64+0x96/0x3a0 entry_SYSCALL_64_after_hwframe+0x4b/0x53 </TASK>
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于请求队列冻结不当,可能导致死锁或系统启动缓慢。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
LinuxLinux af2814149883e2c1851866ea2afcd8eadc040f79 ~ 3997b3147c7b68b0308378fa95a766015f8ceb1c -
LinuxLinux 6.11 -

II. Public POCs for CVE-2025-71117

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2025-71117

登录查看更多情报信息。

Same Patch Batch · Linux · 2026-01-14 · 43 CVEs total

CVE-2025-71112net: hns3: add VLAN id validation before using
CVE-2025-71123ext4: fix string copying in parse_apply_sb_mount_options()
CVE-2025-71108usb: typec: ucsi: Handle incorrect num_connectors capability
CVE-2025-71110mm/slub: reset KASAN tag in defer_free() before accessing freed memory
CVE-2025-71109MIPS: ftrace: Fix memory corruption when kernel is located beyond 32 bits
CVE-2025-71105f2fs: use global inline_xattr_slab instead of per-sb slab cache
CVE-2025-71104KVM: x86: Fix VM hard lockup after prolonged inactivity with periodic HV timer
CVE-2025-71103drm/msm: adreno: fix deferencing ifpc_reglist when not declared
CVE-2025-71102scs: fix a wrong parameter in __scs_magic
CVE-2025-71106fs: PM: Fix reverse check in filesystems_freeze_callback()
CVE-2025-71111hwmon: (w83791d) Convert macros to functions to avoid TOCTOU
CVE-2025-71113crypto: af_alg - zero initialize memory allocated via sock_kmalloc
CVE-2025-71114via_wdt: fix critical boot hang due to unnamed resource allocation
CVE-2025-71115um: init cpu_tasks[] earlier
CVE-2025-71116libceph: make decode_pool() more resilient against corrupted osdmaps
CVE-2025-71118ACPICA: Avoid walking the Namespace if start_node is NULL
CVE-2025-71120SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf
CVE-2025-71119powerpc/kexec: Enable SMT before waking offline CPUs
CVE-2025-71121parisc: Do not reprogram affinitiy on ASP chip
CVE-2025-71122iommufd/selftest: Check for overflow in IOMMU_TEST_OP_ADD_RESERVED

Showing top 20 of 43 CVEs. View all on vendor page &rarr; →

IV. Related Vulnerabilities

Same product: Linux
Same vendor: Linux

V. Comments for CVE-2025-71117

Anonymous User
2026-01-15 06:08:14

Zaproxy alias impedit expedita quisquam pariatur exercitationem. Nemo rerum eveniet dolores rem quia dignissimos.

Leave a comment