CVE-2025-68168
CVE-2025-68168 is a security vulnerability that is still awaiting full analysis and scoring. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low.
Key facts
- EPSS exploit prediction: 0% (7th percentile)
- Actively exploited: Not listed in CISA KEV
- EU (EUVD) id: EUVD-2025-203728
- Published:
- Last modified:
Description
In the Linux kernel, the following vulnerability has been resolved: jfs: fix uninitialized waitqueue in transaction manager The transaction manager initialization in txInit() was not properly initializing TxBlock[0].waitor waitqueue, causing a crash when txEnd(0) is called on read-only filesystems. When a filesystem is mounted read-only, txBegin() returns tid=0 to indicate no transaction. However, txEnd(0) still gets called and tries to access TxBlock[0].waitor via tid_to_tblock(0), but this waitqueue was never initialized because the initialization loop started at index 1 instead of 0. This causes a 'non-static key' lockdep warning and system crash: INFO: trying to register non-static key in txEnd Fix by ensuring all transaction blocks including TxBlock[0] have their waitqueues properly initialized during txInit().
Frequently asked questions
- What is CVE-2025-68168?
- In the Linux kernel, the following vulnerability has been resolved: jfs: fix uninitialized waitqueue in transaction manager The transaction manager initialization in txInit() was not properly initializing TxBlock[0].waitor waitqueue, causing a crash when txEnd(0) is called on read-only filesystems. When a filesystem is mounted read-only, txBegin() returns tid=0 to indicate no transaction. However, txEnd(0) still gets called and tries to access TxBlock[0].waitor via tid_to_tblock(0), but this waitqueue was never initialized because the initialization loop started at index 1 instead of 0. This causes a 'non-static key' lockdep warning and system crash: INFO: trying to register non-static key in txEnd Fix by ensuring all transaction blocks including TxBlock[0] have their waitqueues properly initialized during txInit().
- Is CVE-2025-68168 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 0% (7th percentile), an estimate of the probability of exploitation in the next 30 days.
- How do I fix CVE-2025-68168?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
- Does CVE-2025-68168 have an EU (EUVD) identifier?
- Yes. CVE-2025-68168 is tracked in the ENISA EU Vulnerability Database (EUVD) as EUVD-2025-203728.
- When was CVE-2025-68168 published?
- CVE-2025-68168 was published on 2025-12-16 and last updated on 2026-06-17.
References
- https://git.kernel.org/stable/c/038861414ab383b41dd35abbf9ff0ef715592d53
- https://git.kernel.org/stable/c/2a9575a372182ca075070b3cd77490dcf0c951e7
- https://git.kernel.org/stable/c/300b072df72694ea330c4c673c035253e07827b8
- https://git.kernel.org/stable/c/8cae9cf23e0bd424ac904e753639a587543ce03a
- https://git.kernel.org/stable/c/a2aa97cde9857f881920635a2e3d3b11769619c5
- https://git.kernel.org/stable/c/cbf2f527ae4ca7c7dabce42e85e8deb58588a37e
- https://git.kernel.org/stable/c/d2dd7ca05a11685c314e62802a55e8d67a90e974
- https://git.kernel.org/stable/c/d6af7fce2e162ac68e85d3a11eb6ac8c35b24b64