Primary

Context

Linux Kernel LSM General Protection Fault Vulnerability in Legacy Parse Param Handling

Vulnerability

Patched

A vulnerability in the Linux kernel's handling of legacy mount options can lead to a general protection fault. This issue arises within the Linux Security Module (LSM) framework, where the 'bail on fail' scheme fails to address scenarios where a security module returns an error code indicating unrecognized input. In this case, the Smack security module correctly acknowledges a mount option and returns 0, but subsequent BPF hook calls return -ENOPARAM, creating confusion. Additionally, the SELinux hook improperly indicates success by returning 1 instead of the expected 0, contributing to the issue.

Impact

Exploitation of this vulnerability causes a general protection fault, which can lead to a denial of service by crashing the system or causing instability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

7.7

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

7.7

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel LSM General Protection Fault Vulnerability in Legacy Parse Param Handling

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating