CVE-2025-21771: 
Linux Kernel vulnerability analysis and mitigation

A vulnerability in the Linux kernel's scheduler extension (sched_ext) has been identified and resolved, tracked as CVE-2025-21771. The issue was discovered on February 26, 2025, and involves incorrect autogroup migration detection in the kernel's scheduling system. The vulnerability affects the Linux kernel's task scheduling mechanism, specifically in the sched_ext component (NVD).

The vulnerability stems from the scx_move_task() function, which is called from sched_move_task() to notify the BPF scheduler about cgroup migration commitments. The function attempted to filter out autogroup migrations by testing the destination cgroup and PF_EXITING flag, but this approach proved insufficient. Without explicit tagging of threads performing cgroup migration, the system couldn't properly distinguish between racing migration to the root cgroup and autogroup migration. This led to scx_move_task() incorrectly ignoring migrations from non-root cgroup to an autogroup of the root cgroup (Kernel Commit).

The vulnerability could trigger warning messages in the kernel log when attempting cgroup migrations, specifically affecting task scheduling and group management operations. The issue manifests when migrating from a non-root cgroup to an autogroup of the root cgroup, potentially impacting system stability and task management functionality (Kernel Commit).

The issue has been fixed by adding an argument to sched_move_task() that explicitly indicates whether the moving is for a cgroup or autogroup migration. The fix includes renaming scx_move_task() to scx_cgroup_move_task() and ensuring it's only called for cgroup migrations. The patch has been merged into the mainline kernel (Kernel Commit).