Primary

Context

Linux Kernel Null Pointer Dereference Vulnerability in SYSV File System

Vulnerability

Patched

A null pointer dereference vulnerability has been identified in the Linux kernel's SYSV file system. This issue arises because the function 'sb_getblk' can return a null pointer, which, when followed by taking a lock, leads to a dereference of a null pointer, causing a crash. The vulnerability has been addressed by adding a null check before the lock is applied.

Impact

Exploitation of this vulnerability leads to a null pointer dereference, causing a kernel crash.

Reproduction

The vulnerability can be reproduced by triggering the 'alloc_branch' function in the SYSV file system. When 'sb_getblk' is called with a parent block that does not exist, it returns a null pointer. If the code then attempts to lock this null pointer, it causes a null pointer dereference, crashing the kernel.

Remediation

Users can upgrade to the latest stable version of the Linux kernel to address this vulnerability.

Added: Dec 30, 2025, 2:51 PM

Updated: Dec 30, 2025, 2:51 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.7

remediation

7.7

relevance

1.6

threat

4.8

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.7

remediation

7.7

relevance

1.6

threat

4.8

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Null Pointer Dereference Vulnerability in SYSV File System

Vulnerability

Impact

Reproduction

Remediation

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating