CVE-2026-43392 Linux CVE debrief

Who should care

Organizations running Linux kernels with sched_ext enabled, particularly those using BPF-based extensible schedulers in production environments. System administrators managing container orchestration platforms or high-density compute environments where scheduler enablement may occur under load. Security teams tracking local denial-of-service vectors in kernel subsystems.

Technical summary

The sched_ext subsystem in the Linux kernel contains a race condition where scx_enable() can be starved by fair-class workloads. The enable path transitions tasks from fair to ext scheduling class, but because fair has higher priority, saturated fair workloads block completion. The vulnerability exists because scx_bypass() does not protect against fair-class starvation, unlike the previous preempt_disable() approach. The resolution creates a dedicated SCHED_FIFO kthread with real-time priority that executes the enable body, ensuring it cannot be starved by either fair or ext class tasks. The kthread is lazily initialized and uses kthread_work for synchronous completion handling.

Defensive priority

medium

Recommended defensive actions

• Apply kernel patches from the stable kernel git repository to affected systems
• Upgrade to Linux kernel 6.12.78 or later for 6.12.x series
• Upgrade to Linux kernel 6.18.20 or later for 6.13-6.18.x series
• Upgrade to Linux kernel 6.19.9 or later for 6.19.x series
• Monitor systems using sched_ext for unexpected hangs during scheduler enablement
• Review BPF scheduler loading procedures for potential trigger conditions

Evidence notes

The vulnerability affects Linux kernel versions 6.12 through 6.19.9, including release candidates. The CVSS 3.1 vector (AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) indicates local attack vector with low attack complexity, requiring low privileges, resulting in high availability impact. The fix involves creating a dedicated RT kthread for the enable operation and using kthread_work for synchronization.

Official resources