Linux Kernel Tracing Component Count Validation Vulnerability

Vulnerability

A vulnerability has been identified in the Linux kernel's tracing component, in the validation of the count value passed to the 'tracing_cpumask_write' function. If an excessively large count is provided, it can trigger a warning during bitmap parsing. The vulnerability has been addressed by adding a check that rejects invalid count values and ensures that zero counts are properly handled.

Impact

Exploitation of this vulnerability could lead to improper count handling, potentially causing unexpected behavior in the tracing system, such as incorrect CPU mask processing or unnecessary warnings that could obscure legitimate issues.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 4.0
remediation: 0.0
relevance: 0.0
threat: 3.2
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.