CVE-2026-43392

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> sched_ext: Fix starvation of scx_enable() under fair-class saturation<br /> <br /> During scx_enable(), the READY -&gt; ENABLED task switching loop changes the<br /> calling thread&amp;#39;s sched_class from fair to ext. Since fair has higher<br /> priority than ext, saturating fair-class workloads can indefinitely starve<br /> the enable thread, hanging the system. This was introduced when the enable<br /> path switched from preempt_disable() to scx_bypass() which doesn&amp;#39;t protect<br /> against fair-class starvation. Note that the original preempt_disable()<br /> protection wasn&amp;#39;t complete either - in partial switch modes, the calling<br /> thread could still be starved after preempt_enable() as it may have been<br /> switched to ext class.<br /> <br /> Fix it by offloading the enable body to a dedicated system-wide RT<br /> (SCHED_FIFO) kthread which cannot be starved by either fair or ext class<br /> tasks. scx_enable() lazily creates the kthread on first use and passes the<br /> ops pointer through a struct scx_enable_cmd containing the kthread_work,<br /> then synchronously waits for completion.<br /> <br /> The workfn runs on a different kthread from sch-&gt;helper (which runs<br /> disable_work), so it can safely flush disable_work on the error path<br /> without deadlock.