{"id":"CVE-2025-68320","summary":"lan966x: Fix sleeping in atomic context","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nlan966x: Fix sleeping in atomic context\n\nThe following warning was seen when we try to connect using ssh to the device.\n\nBUG: sleeping function called from invalid context at kernel/locking/mutex.c:575\nin_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 104, name: dropbear\npreempt_count: 1, expected: 0\nINFO: lockdep is turned off.\nCPU: 0 UID: 0 PID: 104 Comm: dropbear Tainted: G        W           6.18.0-rc2-00399-g6f1ab1b109b9-dirty #530 NONE\nTainted: [W]=WARN\nHardware name: Generic DT based system\nCall trace:\n unwind_backtrace from show_stack+0x10/0x14\n show_stack from dump_stack_lvl+0x7c/0xac\n dump_stack_lvl from __might_resched+0x16c/0x2b0\n __might_resched from __mutex_lock+0x64/0xd34\n __mutex_lock from mutex_lock_nested+0x1c/0x24\n mutex_lock_nested from lan966x_stats_get+0x5c/0x558\n lan966x_stats_get from dev_get_stats+0x40/0x43c\n dev_get_stats from dev_seq_printf_stats+0x3c/0x184\n dev_seq_printf_stats from dev_seq_show+0x10/0x30\n dev_seq_show from seq_read_iter+0x350/0x4ec\n seq_read_iter from seq_read+0xfc/0x194\n seq_read from proc_reg_read+0xac/0x100\n proc_reg_read from vfs_read+0xb0/0x2b0\n vfs_read from ksys_read+0x6c/0xec\n ksys_read from ret_fast_syscall+0x0/0x1c\nException stack(0xf0b11fa8 to 0xf0b11ff0)\n1fa0:                   00000001 00001000 00000008 be9048d8 00001000 00000001\n1fc0: 00000001 00001000 00000008 00000003 be905920 0000001e 00000000 00000001\n1fe0: 0005404c be9048c0 00018684 b6ec2cd8\n\nIt seems that we are using a mutex in a atomic context which is wrong.\nChange the mutex with a spinlock.","modified":"2026-04-16T04:33:04.084145640Z","published":"2025-12-16T15:44:18.217Z","related":["SUSE-SU-2026:0447-1","SUSE-SU-2026:0472-1","SUSE-SU-2026:0587-1","SUSE-SU-2026:20477-1","SUSE-SU-2026:20498-1","SUSE-SU-2026:20555-1","SUSE-SU-2026:20599-1","SUSE-SU-2026:20615-1","SUSE-SU-2026:20845-1","SUSE-SU-2026:20876-1","openSUSE-SU-2026:20287-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/68xxx/CVE-2025-68320.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/0216721ce71252f60d89af49c8dff613358058d3"},{"type":"WEB","url":"https://git.kernel.org/stable/c/3ac743c60ec502163c435712d527eeced8d83348"},{"type":"WEB","url":"https://git.kernel.org/stable/c/5a5d2f7727752b64d13263eacd9f8d08a322e662"},{"type":"WEB","url":"https://git.kernel.org/stable/c/c8ab03aa5bd9fd8bfe5d9552d8605826759fdd4d"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/68xxx/CVE-2025-68320.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-68320"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"12c2d0a5b8e2a1afc8c7738e19a0d1dd7f3d4007"},{"fixed":"5a5d2f7727752b64d13263eacd9f8d08a322e662"},{"fixed":"c8ab03aa5bd9fd8bfe5d9552d8605826759fdd4d"},{"fixed":"3ac743c60ec502163c435712d527eeced8d83348"},{"fixed":"0216721ce71252f60d89af49c8dff613358058d3"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-68320.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"5.17.0"},{"fixed":"6.6.117"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.7.0"},{"fixed":"6.12.58"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.13.0"},{"fixed":"6.17.8"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-68320.json"}}],"schema_version":"1.7.5"}