Impact
A flaw in the Linux kernel’s HFS+ filesystem implementation leaks memory when a superblock is allocated but its subsequent initialization fails. The superblock’s filesystem‑specific data structure, sb->s_fs_info, is not freed on that path, so the memory stays allocated and is no longer usable by the system. If this occurs repeatedly, memory consumption grows gradually and can eventually exhaust available memory, rendering the kernel unable to schedule processes and causing a denial of service. This weakness is represented by CWE‑400 and CWE‑404, as it involves uncontrolled resource consumption and improper resource release.
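The failure path described above, as an added userspace model that is not the kernel's code or the upstream patch: it contrasts an error return that abandons s_fs_info with one that routes failed setup through a single teardown routine. Only sb->s_fs_info is taken from the advisory; fs_alloc, fill_super, kill_sb and the other names are hypothetical.

```c
/* Userspace model (constructed). Only sb->s_fs_info comes from the advisory;
   every other name is hypothetical and this is not kernel code. */
#include <stdio.h>
#include <stdlib.h>

struct super_block { void *s_fs_info; };
static long live_allocs; /* fs-private allocations not yet freed */

static void *fs_alloc(size_t n) { void *p = calloc(1, n); if (p) live_allocs++; return p; }
static void fs_free(void *p) { if (p) { live_allocs--; free(p); } }

/* Stand-in for the initialization step that can fail after allocation. */
static int fill_super(struct super_block *sb, int fail) { (void)sb; return fail ? -1 : 0; }

/* Leaky shape: the error return abandons the attached s_fs_info. */
static int mount_leaky(struct super_block *sb, int fail) {
    if (!(sb->s_fs_info = fs_alloc(256))) return -1;
    return fill_super(sb, fail);   /* on failure nothing frees s_fs_info */
}

/* One teardown routine shared by unmount and failed setup. */
static void kill_sb(struct super_block *sb) { fs_free(sb->s_fs_info); sb->s_fs_info = NULL; }

static int mount_fixed(struct super_block *sb, int fail) {
    if (!(sb->s_fs_info = fs_alloc(256))) return -1;
    if (fill_super(sb, fail) < 0) { kill_sb(sb); return -1; }
    return 0;
}

/* Run `attempts` failing mounts; return allocations still live afterwards. */
static long leaked_after(int (*mount_fn)(struct super_block *, int), int attempts) {
    long before = live_allocs;
    for (int i = 0; i < attempts; i++) {
        struct super_block sb = { NULL };
        mount_fn(&sb, 1);
    }
    return live_allocs - before;
}

int main(void) {
    printf("leaky: %ld live after 1000 failed mounts\n", leaked_after(mount_leaky, 1000));
    printf("fixed: %ld live after 1000 failed mounts\n", leaked_after(mount_fixed, 1000));
    return 0;
}
```

In the leaky variant the count of live allocations grows by one per failed attempt, which is the gradual consumption the advisory describes.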
Affected Systems
The vulnerability affects Linux kernels from all vendors that ship their own builds of the kernel and use the default HFS+ filesystem module. No specific kernel version is listed, so any kernel that has not yet been patched for this issue is potentially impacted.
Risk and Exploitability
While the exact CVSS score is not provided, exploitation of this flaw requires successful mounting of an HFS+ filesystem with the new mount API, indicating a local privileged attack vector. The EPSS score is unavailable, and the issue is not listed in the CISA KEV catalog. Nevertheless, the memory‑leak condition can be exploited through repeated failures of the mount process, which may be triggered by automatic mounting of removable media or by a malicious application with sufficient privileges to invoke the mount system call. Once exploited, the victim system can suffer resource exhaustion leading to degraded performance or shutdowns.