Acknowledged
Created: Oct 10, 2025
Updated: Oct 17, 2025
Found In Version: 10.22.33.1
Severity: Standard
Applicable for: Wind River Linux LTS 22
Component/s: Kernel
In the Linux kernel, the following vulnerability has been resolved:[EOL][EOL]sctp: add a refcnt in sctp_stream_priorities to avoid a nested loop[EOL][EOL]With this refcnt added in sctp_stream_priorities, we don't need to[EOL]traverse all streams to check if the prio is used by other streams[EOL]when freeing one stream's prio in sctp_sched_prio_free_sid(). This[EOL]can avoid a nested loop (up to 65535 * 65535), which may cause a[EOL]stuck as Ying reported:[EOL][EOL] watchdog: BUG: soft lockup - CPU#23 stuck for 26s! [ksoftirqd/23:136][EOL] Call Trace:[EOL] <TASK>[EOL] sctp_sched_prio_free_sid+0xab/0x100 [sctp][EOL] sctp_stream_free_ext+0x64/0xa0 [sctp][EOL] sctp_stream_free+0x31/0x50 [sctp][EOL] sctp_association_free+0xa5/0x200 [sctp][EOL][EOL]Note that it doesn't need to use refcount_t type for this counter,[EOL]as its accessing is always protected under the sock lock.[EOL][EOL]v1->v2:[EOL] - add a check in sctp_sched_prio_set to avoid the possible prio_head[EOL] refcnt overflow.
