Impact
The Linux kernel's persistent storage subsystem, pstore, uses a ram_core module that maps persistent memory into kernel address space. The fix corrects an error in persistent_ram_vmap, where vmap can return NULL on failure. When a non‑zero offset is applied, an incorrect calculation can make the routine believe the mapping succeeded, resulting in a non‑NULL pointer that is actually invalid. The caller, persistent_ram_buffer_map, then returns success and later dereferences this bad address, causing a kernel fault and a crash. The result is a denial of service, because the system cannot continue running. The flaw is an incorrect success calculation (CWE‑253).
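The failure mode described above, as an added user-space simulation that is not the kernel's code or the actual patch. sim_vmap, sim_offset_in_page, map_unchecked, map_checked and buffer_map are hypothetical names, and the page size and addresses are constructed values.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define SIM_PAGE_SIZE 4096u          /* assumed page size for this simulation */
#define SIM_ENOMEM    12             /* stand-in for the kernel's ENOMEM */

static unsigned char sim_region[2 * SIM_PAGE_SIZE];  /* constructed backing memory */

/* Hypothetical stand-in for vmap(): NULL on failure, a valid base otherwise. */
static void *sim_vmap(int fail) { return fail ? NULL : sim_region; }

static uintptr_t sim_offset_in_page(uintptr_t start) { return start & (SIM_PAGE_SIZE - 1); }

/* Pattern the advisory describes: the offset is added before the result is checked. */
static void *map_unchecked(uintptr_t start, int fail)
{
    void *vaddr = sim_vmap(fail);
    return (void *)((uintptr_t)vaddr + sim_offset_in_page(start));
}

/* Hardened form: test the raw mapping result, then apply the offset. */
static void *map_checked(uintptr_t start, int fail)
{
    void *vaddr = sim_vmap(fail);
    if (!vaddr)
        return NULL;
    return (unsigned char *)vaddr + sim_offset_in_page(start);
}

typedef void *(*mapper_fn)(uintptr_t start, int fail);

/* Caller in the style of persistent_ram_buffer_map: non-NULL means success. */
static int buffer_map(mapper_fn mapper, uintptr_t start, int fail)
{
    return mapper(start, fail) ? 0 : -SIM_ENOMEM;
}

int main(void)
{
    /* Constructed inputs: 0x1000 has page offset 0, 0x1234 has page offset 0x234. */
    printf("unchecked, offset 0,     vmap fails: %d\n", buffer_map(map_unchecked, 0x1000, 1));
    printf("unchecked, offset 0x234, vmap fails: %d (bogus pointer %p)\n",
           buffer_map(map_unchecked, 0x1234, 1), map_unchecked(0x1234, 1));
    printf("checked,   offset 0x234, vmap fails: %d\n", buffer_map(map_checked, 0x1234, 1));
    printf("checked,   offset 0x234, vmap works: %d\n", buffer_map(map_checked, 0x1234, 0));
    return 0;
}
```

With a zero page offset the unchecked form still reports the failure, which is why the defect only appears for unaligned start addresses.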
Affected Systems
All Linux distributions that ship a kernel containing the vulnerable pstore ram_core implementation are affected. The issue exists in any kernel version prior to the inclusion of the recent patch. Users running older or custom kernels that have not been patched or hardened should consider their systems vulnerable. No specific vendor or product is singled out outside the generic Linux kernel, so the impact is broad across all Linux‑based operating systems.
Risk and Exploitability
The vulnerability is exploitable by code that can cause the pstore subsystem to attempt a mapping with a non‑zero offset and trigger a vmap failure. The details of the attack vector are not explicitly stated in the CVE description and are inferred from the function behavior. Because the erroneous success check leads to the result of a failed mapping being treated as valid, the subsequent dereference will fault. The attack requires local privileged execution and the ability to interact with the pstore code, so it is not broadly reachable over the network. The CVSS score of 7.0 indicates high severity. With no EPSS score and no listing in the CISA KEV catalog, the likelihood of observed exploitation is low, but the high local impact and the potential for service disruption warrant immediate attention.