The idxd driver in the Linux kernel crashes when it attempts to restore an event log that was never allocated, such as when the hardware does not support event logging. The crash occurs during handling of a Function Level Reset (FLR) error, leading to a kernel panic and a denial of service. The weakness involved is a null pointer dereference, resulting in an unhandled fault and loss of service.

All Linux kernel deployments that include the idxd driver are potentially affected, regardless of hardware configuration. The exact kernel versions are not specified, so any kernel build that incorporates the idxd driver without the recent patch may be vulnerable.

The CVSS score is not provided, and the EPSS score is unavailable, so the quantitative risk is unknown. However, the vulnerability is a high‑impact kernel crash that typically requires a local privilege level to trigger. An attacker that can cause a FLR error in the hardware would force the kernel to attempt to restore an unallocated event log, leading to a crash. The CISA KEV status indicates the vulnerability is not listed as a known exploited vulnerability. Based on the description, the likely attack vector is a local, privileged attacker who can manipulate the hardware to generate an error that triggers the kernel crash. Remote exploitation is not explicitly supported by the provided data, and no condition for remote code execution is described. The vulnerability remains a severe risk due to the potential for widespread kernel instability across affected Linux systems but the lack of public exploit evidence tempers immediate urgency. Nonetheless, applying the fixed driver code is the only definitive mitigation.