Primary

Context

Linux Kernel Ceph Module Null Pointer Dereference Vulnerability

Vulnerability

Patched

A vulnerability in the Linux kernel's Ceph file system module can lead to a kernel crash. This issue arises in the 'move_dirty_folio_in_page_array()' function, which was introduced in a previous commit. The function is designed to process dirty folios and return error codes when issues are encountered. However, due to a flaw in the refactoring, the function mistakenly always returns success, causing errors to be ignored and leaving NULL entries in the page array. These NULL entries can later trigger a kernel crash.

Impact

Exploitation of this vulnerability can cause a kernel crash, disrupting system operations and potentially leading to a denial of service.

Remediation

Users can apply the latest patches available in the Linux kernel stable tree to address this vulnerability.

Added: Sep 23, 2025, 6:27 AM

Updated: Sep 23, 2025, 6:27 AM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

7.7

relevance

0.6

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

7.7

relevance

0.6

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Ceph Module Null Pointer Dereference Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating