Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*
A deadlock vulnerability has been identified in the Linux kernel's handling of build IDs within the procfs filesystem. This issue arises when the virtual memory area (VMA) lock is held while fetching the build ID, leading to a potential deadlock scenario. The vulnerability affects the Linux kernel stable tree and has been reported by syzbot.
The vulnerability can cause a deadlock, where two or more processes are unable to proceed because each is waiting for the other to release a lock.
The vulnerability can be reproduced by invoking PROCMAP_QUERY while holding the VMA lock. A sequence of operations that locks the VMA and then attempts to fetch the build ID creates the deadlock.
The vulnerability has been addressed in the Linux kernel stable tree. Users can upgrade to the latest version to mitigate this issue.