Linux Kernel Hugetlbfs Null Pointer Dereference Vulnerability

Vulnerability

A null pointer dereference vulnerability has been identified in the Linux kernel's hugetlbfs file system. This issue arises in the hugetlbfs_parse_param function, where the code improperly dereferences a parameter string without checking if it is null. The vulnerability can be triggered by passing an illegal mount parameter, such as 'size=,'. This flaw was reported by Syzkaller and is present in the stable versions of the Linux kernel.

Impact

Exploitation of this vulnerability leads to a null pointer dereference, causing a kernel crash.

Reproduction

The vulnerability can be reproduced by mounting a hugetlbfs file system with an invalid parameter that results in a null pointer being passed to the hugetlbfs_parse_param function. This can be done by using the 'size=,' parameter, which creates a null pointer in the fs_parameter structure. When this structure is processed by the hugetlbfs_parse_param function, it triggers the null pointer dereference.
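The missing check described above, shown as an added example that is not the kernel's code: a userspace C model of the parameter handling. The struct `model_param` and both function names are hypothetical, and a missing value is represented by a NULL `string`, as the advisory describes.

```c
#include <ctype.h>
#include <errno.h>
#include <limits.h>
#include <stdlib.h>

/* Hypothetical stand-in for the kernel's struct fs_parameter, reduced to
 * the fields this model needs. string is NULL when no value was supplied. */
struct model_param {
    const char *key;
    const char *string;
};

/* Unchecked form, mirroring the flaw the advisory describes: the first
 * character is read before confirming that string is non-NULL.
 * Shown for comparison only; nothing in this example calls it. */
int parse_size_unchecked(const struct model_param *p, unsigned long long *out)
{
    if (!isdigit((unsigned char)p->string[0]))  /* NULL deref if no value */
        return -EINVAL;
    *out = strtoull(p->string, NULL, 10);
    return 0;
}

/* Hardened form: reject a missing value before touching the string, then
 * parse digits with an optional K/M/G suffix and an overflow check. */
int parse_size_checked(const struct model_param *p, unsigned long long *out)
{
    char *end;
    unsigned long long v;
    unsigned shift = 0;

    if (!p || !p->string || !isdigit((unsigned char)p->string[0]))
        return -EINVAL;

    errno = 0;
    v = strtoull(p->string, &end, 10);
    if (errno == ERANGE)
        return -EINVAL;

    switch (*end) {
    case 'G': case 'g': shift = 30; end++; break;
    case 'M': case 'm': shift = 20; end++; break;
    case 'K': case 'k': shift = 10; end++; break;
    }
    if (*end != '\0' || v > (ULLONG_MAX >> shift))
        return -EINVAL;
    *out = v << shift;
    return 0;
}
```

In the hardened form, a parameter with no value returns an error instead of reaching the character test.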

Remediation

Users can upgrade to the latest stable version of the Linux kernel, where this vulnerability has been patched.

Added: Sep 15, 2025, 6:19 PM
Updated: Sep 15, 2025, 6:19 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 4.3
remediation: 7.7
relevance: 0.5
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.