Primary

Context

Linux Kernel NULL Pointer Dereference Vulnerability in PAGEMAP_SCAN IOCTL

Vulnerability

Patched

A NULL pointer dereference vulnerability has been identified in the Linux kernel's handling of the PAGEMAP_SCAN ioctl. This issue occurs when vec_len is set to 0, leading to a kernel panic due to a null pointer dereference. The vulnerability has been observed in Linux kernel version 6.17.0-rc6.

Impact

Exploitation of this vulnerability causes a general protection fault, leading to a kernel panic.

Reproduction

To reproduce this vulnerability, invoke the PAGEMAP_SCAN ioctl with vec_len set to 0. This can be done using a simple C program or script that makes the appropriate ioctl call. The kernel will panic, displaying an 'Oops' message indicating a general protection fault caused by a null pointer dereference.

Remediation

Users can upgrade to the latest stable version of the Linux kernel, where this vulnerability has been fixed.

Added: Oct 20, 2025, 4:28 PM

Updated: Oct 20, 2025, 4:28 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.3

remediation

7.7

relevance

0.8

threat

4.8

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.3

remediation

7.7

relevance

0.8

threat

4.8

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel NULL Pointer Dereference Vulnerability in PAGEMAP_SCAN IOCTL

Vulnerability

Impact

Reproduction

Remediation

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating