Unrated severity · NVD Advisory · Published Dec 16, 2025 · Updated Apr 15, 2026

CVE-2025-68218

Description

In the Linux kernel, the following vulnerability has been resolved:

nvme-multipath: fix lockdep WARN due to partition scan work

Blktests test cases nvme/014, 057 and 058 fail occasionally due to a lockdep WARN. As reported in the Closes tag URL, the WARN indicates that a deadlock can happen due to the dependency among disk->open_mutex, kblockd workqueue completion and partition_scan_work completion.

To avoid the lockdep WARN and the potential deadlock, cut the dependency by running the partition_scan_work not by kblockd workqueue but by nvme_wq.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A lockdep WARN and potential deadlock in nvme-multipath due to partition scan work running on kblockd is fixed by moving it to nvme_wq.

Vulnerability Overview

In the Linux kernel's nvme-multipath subsystem, a lockdep WARNING (WARN) was observed during blktests nvme/014, 057, and 058. The warning indicated a potential deadlock involving disk->open_mutex, kblockd workqueue completion, and partition_scan_work completion. The root cause is a circular dependency when partition scanning is scheduled on the kblockd workqueue, which can lead to a deadlock scenario under certain I/O patterns.

Exploitation Context

This vulnerability is triggered during normal operation of NVMe multipath devices when partition scanning is initiated. No special privileges or network access are required; it can occur in any system using NVMe multipath with kernel versions that include the flawed code. The lockdep warning itself is only diagnostic output, but the underlying deadlock could cause system hangs or unresponsive storage paths.

Impact

If the deadlock occurs, it can result in a denial of service (DoS) condition where the system becomes unresponsive or storage I/O stalls indefinitely. The lockdep WARN is a symptom of this potential deadlock, which could be exploited by an attacker with local access to trigger the specific I/O patterns that lead to the circular dependency.

Mitigation

The fix, committed in kernel stable trees [1][2], removes the dependency by running partition_scan_work on the nvme_wq workqueue instead of kblockd. This breaks the circular lock dependency and eliminates the lockdep WARN. Users should apply the corresponding kernel update to their distribution. No workaround is available other than updating the kernel.

AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
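
Added example (not from the advisory or the kernel project): a log-triage script that splits a kernel log into lockdep circular-dependency reports and flags those whose chain names all three parties listed in the description. The sample log is constructed, and the class-name decorations and chain order in it are assumptions about how lockdep prints them.

```python
import re

HEADER = "possible circular locking dependency detected"
CHAIN = re.compile(r"->\s+#\d+\s+\((.*)\)\{")  # "-> #1 (&disk->open_mutex){+.+.}-{4:4}:"
STAMP = re.compile(r"^\[\s*\d+\.\d+\]\s?")     # dmesg timestamp prefix
# The three parties the CVE description names in the dependency.
SIGNATURE = ("open_mutex", "kblockd", "partition_scan_work")

# Constructed sample log; decorations and chain order are assumed, not quoted.
SAMPLE_LOG = """\
[  101.000001] WARNING: possible circular locking dependency detected
[  101.000002] -> #2 (&disk->open_mutex){+.+.}-{4:4}:
[  101.000003] -> #1 ((wq_completion)kblockd){+.+.}-{0:0}:
[  101.000004] -> #0 ((work_completion)(&head->partition_scan_work)){+.+.}-{0:0}:
[  101.000005] stack backtrace:
[  101.000006] unrelated later line that mentions kblockd
[  202.000001] WARNING: possible circular locking dependency detected
[  202.000002] -> #1 (&disk->open_mutex){+.+.}-{4:4}:
[  202.000003] -> #0 (&example->lock){+.+.}-{4:4}:
[  202.000004] stack backtrace:
"""

def lockdep_chains(log_text):
    """Yield the list of lock classes found in each circular-dependency report."""
    chain = None
    for raw in log_text.splitlines():
        line = STAMP.sub("", raw)
        if HEADER in line:
            if chain is not None:      # previous report was cut short
                yield chain
            chain = []
        elif chain is None:
            continue                   # outside any report
        elif line.strip() == "stack backtrace:":
            yield chain                # chain listing ends here
            chain = None
        elif (m := CHAIN.search(line)):
            chain.append(m.group(1))
    if chain is not None:
        yield chain

def matches_cve(chain):
    """True when every signature token appears in some class of the chain."""
    return all(any(tok in cls for cls in chain) for tok in SIGNATURE)

def triage(log_text):
    return [c for c in lockdep_chains(log_text) if matches_cve(c)]
```

Lockdep reports appear only on kernels built with CONFIG_PROVE_LOCKING, so a clean log on a production kernel does not show that the fix is present.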
