Impact
The Linux kernel’s ocfs2 filesystem contains a flaw in the handling of extended attributes. When an inode carries both inline and block‑based xattrs, the listxattr() routine can report a size that exceeds the caller’s buffer if the inline names fill the buffer exactlyof‑bounds write and memory corruption (CWE‑787) as the kernel attempts to and a crash. The outcome is a kernel panic, effectively disabling the affected system and providing a local denial‑of‑service.
Affected Systems
All Linux kernel releases that implement ocfs2 and lack the fix introduced by commit 936b8834366e. The issue is not tied to a specific distribution; any kernel version without that commit is vulnerable.
Risk and Exploitability
The CVSS score of 7.1 indicates a high severity, while the EPSS score of < 1% shows a low but non‑zero exploitation probability. Despite its rarity, the impact is catastrophic—a kernel panic leads to complete loss of availability. The vulnerability is not listed in CISA KEV and the absence of a mitigation other than patching makes rapid remediation essential.
OpenCVE Enrichment
Debian DLA