Linux Kernel dm-verity Recursive Forward Error Correction Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in the Linux kernel's dm-verity target, affecting dm-verity target versions prior to 1.13.0 (this is the target version string the kernel reports through dmsetup targets, not a kernel release number). The issue lies in the forward error correction (FEC) path: when a block fails hash verification, dm-verity attempts to repair it with FEC, and the correction code could call itself recursively, producing a severe performance degradation. The Red Hat QE team created a test image that drives this path and leaves the udev-worker process activating the device unresponsive. The recursive correction mechanism is also flawed in its own right: nested correction attempts overwrite data in a buffer shared with the outer attempt, so the correction is incomplete.

Impact

Anyone able to tamper with the backing storage of a dm-verity device (the attacker dm-verity is designed to defend against) can cause a denial-of-service condition: the udev-worker process that is verifying the device hangs in uninterruptible sleep and the device cannot be brought up. The issue does not grant code execution or bypass verification; the effect described is availability only.

Reproduction

The vulnerability can be reproduced with an image whose corruption drives dm-verity's forward error correction to its recursive correction limit. Activating such an image leaves the udev-worker process in uninterruptible sleep ('D' state in ps output); a task in that state is blocked inside the kernel, does not respond to signals, and cannot be killed until the kernel work completes.

Remediation

Users should upgrade to a kernel whose dm-verity target reports version 1.13.0 or later, where this issue has been addressed. The loaded target version can be read with dmsetup targets (the verity line shows v<version>); treat that number as a hint and confirm against your distribution's advisory, since vendor kernels may ship the fix under a backported version.
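The following added example (written for this advisory, not code from the page's author or from the Linux kernel project) turns the Reproduction and Remediation sections into a check: it parses the output of dmsetup targets to decide whether the loaded dm-verity target is at or beyond 1.13.0, and filters ps output for tasks in D state, the symptom described above. The 1.13.0 threshold is the version stated on this page; the sample dmsetup and ps lines in the comments are constructed for illustration.

```shell
#!/bin/sh
# Added example for this advisory; not code from the kernel project or the
# page's author. Checks the dm-verity target version reported by
# `dmsetup targets` against the fixed version named in the advisory (1.13.0)
# and lists tasks stuck in uninterruptible sleep (D state).

FIXED_VERITY_VERSION="1.13.0"

# version_ge A B: succeed (exit 0) when dotted version A >= B, comparing each
# numeric component in turn so that 1.9.0 sorts below 1.13.0 (a plain string
# comparison would get that wrong).
version_ge() {
  awk -v a="$1" -v b="$2" 'BEGIN {
    n = split(a, x, ".")
    m = split(b, y, ".")
    k = (n > m) ? n : m
    for (i = 1; i <= k; i++) {
      xi = (i <= n) ? x[i] + 0 : 0
      yi = (i <= m) ? y[i] + 0 : 0
      if (xi > yi) exit 0
      if (xi < yi) exit 1
    }
    exit 0
  }'
}

# verity_target_version: read `dmsetup targets` output on stdin and print the
# verity target version without its leading "v". A constructed sample line:
#   verity            v1.13.0
# Prints nothing when the verity target is not loaded.
verity_target_version() {
  awk '$1 == "verity" { v = $2; sub(/^v/, "", v); print v; exit }'
}

# verity_fec_fixed: succeed when the `dmsetup targets` output on stdin shows a
# verity target at or beyond FIXED_VERITY_VERSION; fail if older or absent.
verity_fec_fixed() {
  v=$(verity_target_version)
  [ -n "$v" ] && version_ge "$v" "$FIXED_VERITY_VERSION"
}

# d_state_tasks: read `ps -eo pid,stat,comm` output on stdin and print
# "pid comm" for every task whose STAT column begins with D (uninterruptible
# sleep). A constructed sample line:
#       123 Ds   (udev-worker)
d_state_tasks() {
  awk 'NR > 1 && $2 ~ /^D/ { print $1, $3 }'
}

# Live check against the running system when invoked with --check
# (dmsetup targets needs root; the ps part does not).
if [ "${1:-}" = "--check" ]; then
  if dmsetup targets 2>/dev/null | verity_fec_fixed; then
    echo "dm-verity target >= $FIXED_VERITY_VERSION: fix present"
  else
    echo "dm-verity target older than $FIXED_VERITY_VERSION or not loaded"
  fi
  echo "tasks in D state (pid comm):"
  ps -eo pid,stat,comm | d_state_tasks
fi
```

Run it as root with the --check argument on the host under test. A task listed in D state is not by itself proof of this issue; to confirm that it is blocked inside dm-verity's error-correction path, read /proc/<pid>/stack as root and look for dm-verity frames in the kernel backtrace.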

Added: Jan 23, 2026, 4:39 PM
Updated: Jan 23, 2026, 4:39 PM

Vulnerability Rating (custom algorithm)

  spread          9.0
  impact          2.5
  exploitability  5.3
  remediation     7.7
  relevance       2.3
  threat          4.8
  urgency         2.9
  incentive       0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.