Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*
A race condition has been identified in the Linux kernel's block throttling mechanism. It occurs during activation of the throttle policy: the policy may be accessed before it is fully initialized, particularly after cold boots, so the kernel dereferences a NULL pointer and crashes.
Exploitation of this vulnerability leads to a kernel NULL pointer dereference, causing a system crash.
The vulnerability can be reproduced by performing repeated cold boots on a system running the affected Linux kernel. During the boot process, the block throttle policy may not be fully initialized before it is needed, leading to a NULL pointer dereference when the system tries to apply throttling based on the policy.
Users can upgrade to the latest version of the Linux kernel where this vulnerability has been addressed.