sched_ext: Don't warn on NULL cgrp_moving_from in scx_cgroup_move_task()
Summary
| CVE | CVE-2026-53328 |
|---|---|
| State | PUBLISHED |
| Assigner | Linux |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2026-07-01 14:16:40 UTC |
| Updated | 2026-07-01 14:16:40 UTC |
| Description | In the Linux kernel, the following vulnerability has been resolved: sched_ext: Don't warn on NULL cgrp_moving_from in scx_cgroup_move_task() A WARN fires when systemd's user manager writes "+cpu +memory +pids" to its own subtree_control while a sched_ext scheduler is loaded: WARNING: at kernel/sched/ext.c:3227 scx_cgroup_move_task+0xa8/0xb0 scx_cgroup_move_task+0xa8/0xb0 sched_move_task+0x134/0x290 cpu_cgroup_attach+0x39/0x70 cgroup_migrate_execute+0x37d/0x450 cgroup_update_dfl_csses+0x1e3/0x270 cgroup_subtree_control_write+0x3e7/0x440 scx_cgroup_can_attach() arms cgrp_moving_from only when a task's cpu cgroup changes. It can still be NULL when scx_cgroup_move_task() runs, through this sequence: Step Result --------------------------------- ---------------------------------- 1. cpu enabled on cgroup G cpu css = A 2. cpu toggled off then on for G A killed, B created (same cgroup) 3. an exiting task keeps A alive migration skips it, A now stale 4. +memory migrates G stale A vs current B pulls cpu in 5. cpu attach runs for all tasks hits a live, cpu-unchanged task 6. scx_cgroup_move_task() on it cgrp_moving_from NULL -> WARN The mismatch is that scx_cgroup_can_attach() keys on cgroup identity while migration drives the move on css identity, so a NULL cgrp_moving_from here is a legitimate css-only migration, not a missing prep. The call is already gated on cgrp_moving_from, so just drop the warning. ops.cgroup_prep_move() and ops.cgroup_move() stay paired. |
Risk And Classification
EPSS: 0.001680000 probability, percentile 0.063660000 (date 2026-07-03)
Vendor Declared Affected Products
| Source | Vendor | Product | Version | Platforms |
|---|---|---|---|---|
| CNA | Linux | Linux | affected 8195136669661fdfe54e9a8923c33b31c92fc1da cdff2eb97be147d2ce52ac1327841068781f25dc git | Not specified |
| CNA | Linux | Linux | affected 8195136669661fdfe54e9a8923c33b31c92fc1da 0ffcad63b19a1cadb475c9f405a93607fdcd0d7c git | Not specified |
| CNA | Linux | Linux | affected 8195136669661fdfe54e9a8923c33b31c92fc1da bc75f5951fac4e49d175c4433fc08fb1ec01172f git | Not specified |
| CNA | Linux | Linux | affected 8195136669661fdfe54e9a8923c33b31c92fc1da 02e545c4297a26dbbc41df81b831e7f605bcd306 git | Not specified |
| CNA | Linux | Linux | affected 6.12 | Not specified |
| CNA | Linux | Linux | unaffected 6.12 semver | Not specified |
| CNA | Linux | Linux | unaffected 6.12.94 6.12.* semver | Not specified |
| CNA | Linux | Linux | unaffected 6.18.36 6.18.* semver | Not specified |
| CNA | Linux | Linux | unaffected 7.0.13 7.0.* semver | Not specified |
| CNA | Linux | Linux | unaffected 7.1 * original_commit_for_fix | Not specified |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| git.kernel.org/stable/c/bc75f5951fac4e49d175c4433fc08fb1ec01172f | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | |
| git.kernel.org/stable/c/0ffcad63b19a1cadb475c9f405a93607fdcd0d7c | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | |
| git.kernel.org/stable/c/02e545c4297a26dbbc41df81b831e7f605bcd306 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | |
| git.kernel.org/stable/c/cdff2eb97be147d2ce52ac1327841068781f25dc | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.