Friday, December 19, 2025

New Linux Kernel Rust Vulnerability Triggers System Crashes


A critical race condition vulnerability has been found in the Linux kernel’s Rust Binder module, potentially causing system crashes and memory corruption.

Assigned CVE-2025-68260, this issue affects the kernel’s inter-process communication mechanism and requires immediate attention from system administrators and kernel maintainers.

The Vulnerability

The vulnerability exists in the Rust Binder component’s death_list handling mechanism. The flaw stems from an unsafe operation that removes items from a linked list without proper synchronization.

The problematic code attempts to manipulate list pointers without ensuring exclusive access, creating a dangerous race condition.

The problem arises from a specific implementation pattern in the Node::release function. The code sequence involves acquiring a lock, moving list items to a local stack-based list, then releasing the lock before iterating through the items.

While other threads are processing the original list, this creates a window of opportunity for concurrent access to the prev/next pointers, which can lead to memory corruption.
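A userspace model of the pattern described above, added here as an example; it is not the kernel's code or the upstream patch. Integer ids stand in for death-list entries, the `linked` flag models whether an entry's prev/next pointers belong to some list, and the `concurrent` callback plays another thread running while the lock is dropped. All names are hypothetical, and `release_pop` is an assumed alternative that unlinks entries one at a time under the lock.

```rust
use std::collections::VecDeque;
use std::sync::Mutex;
// Constructed model: ids stand in for death-list entries; linked[id] means
// "this entry's prev/next pointers are currently part of some list".
struct Inner { death_list: VecDeque<usize>, linked: Vec<bool> }
struct Node { inner: Mutex<Inner> }
impl Node {
    fn new(n: usize) -> Self {
        Node { inner: Mutex::new(Inner { death_list: (0..n).collect(), linked: vec![true; n] }) }
    }
    // Models a concurrent remove(id). Returns true when the entry is still linked
    // but not in the locked list, i.e. it sits in a list another thread is walking.
    fn remove_is_hazardous(&self, id: usize) -> bool {
        let mut g = self.inner.lock().unwrap();
        if let Some(pos) = g.death_list.iter().position(|&x| x == id) {
            g.death_list.remove(pos);
            g.linked[id] = false;
            return false; // found under the lock: exclusive access
        }
        g.linked[id]
    }
    // Pattern from the article: lock, move all entries to a local list, unlock, iterate.
    fn release_drain(&self, mut concurrent: impl FnMut(&Node) -> bool) -> bool {
        let local = std::mem::take(&mut self.inner.lock().unwrap().death_list);
        let mut hazard = false;
        for id in local {
            hazard |= concurrent(self); // lock is not held here
            self.inner.lock().unwrap().linked[id] = false; // entry leaves the local list
        }
        hazard
    }
    // Assumed alternative: unlink one entry at a time while holding the lock.
    fn pop_unlinked(&self) -> Option<usize> {
        let mut g = self.inner.lock().unwrap();
        let id = g.death_list.pop_front()?;
        g.linked[id] = false;
        Some(id)
    }
    fn release_pop(&self, mut concurrent: impl FnMut(&Node) -> bool) -> bool {
        let mut hazard = false;
        while let Some(_id) = self.pop_unlinked() {
            hazard |= concurrent(self); // lock is not held here either
        }
        hazard
    }
}
fn main() {
    let (a, b) = (Node::new(3), Node::new(3));
    println!("drain: {}, pop: {}", a.release_drain(|n| n.remove_is_hazardous(2)), b.release_pop(|n| n.remove_is_hazardous(2)));
}
```

In the drain variant the remover finds a linked entry that is absent from the locked list, which is the case where an intrusive-list remove would race on prev/next; in the pop variant every entry is either in the locked list or fully unlinked.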

When this race condition is triggered, systems experience kernel panics and page faults. Affected devices crash with errors similar to “Unable to handle kernel paging request at virtual address.”

The vulnerability manifests as internal memory corruption, resulting in kernel oops messages and system instability.

Devices running vulnerable kernel versions may experience unexpected reboots and service interruptions.

The vulnerability was introduced in kernel version 6.18 with a specific commit change to the binder code. It affects the drivers/android/binder/node.rs file directly.

The issue has been patched in kernel 6.18.1 and 6.19-rc1, with fixes available in the upstream kernel repositories.

The Linux kernel development team strongly recommends updating to the latest stable kernel version.

Full kernel updates are preferred over individual commit cherry-picks, as changes are tested as part of larger releases.

Users unable to update immediately can apply specific commits from the kernel repositories to resolve this race condition.

System administrators should prioritise patching this vulnerability to maintain system stability and prevent unexpected downtime.
