Linux Kernel TIF_IO_BITMAP Inconsistency Leading to NULL Pointer Dereference

Vulnerability

A vulnerability in the Linux kernel's handling of I/O privilege bitmaps can cause a NULL pointer dereference. This issue arises in the x86 architecture when a task exits or a fork fails. During these processes, the exit_thread function cleans up resources, but if the current task has the TIF_IO_BITMAP flag set without a corresponding bitmap installed, it leads to a crash. The problem is compounded when a kernel thread is created in the context of a user space thread with the TIF_IO_BITMAP flag, causing inconsistencies that can be exploited.

Impact

Exploitation of this vulnerability causes a system crash due to a NULL pointer dereference, disrupting normal operations and potentially leading to a denial of service.

Added: Jul 3, 2025, 11:39 AM

Updated: Jul 3, 2025, 11:39 AM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel TIF_IO_BITMAP Inconsistency Leading to NULL Pointer Dereference

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating