Impact
During an unmount of a GFS2 file system the driver calls gfs2_log_flush() to the journal descriptor for the file system has already been freed, the call dereferences a NULL pointer, causing a kernel panic. The resulting crash leads to a denial‑of‑service that may crash the entire system.
Affected Systems
The issue appears in Linux kernels that include the GFS2 file system module. Any kernel version that predates the commit that added the NULL‑pointer check is vulnerable. The exact version range is not specified, so systems should verify whether their kernel contains commit d1 or a later stable release.
Risk and Exploitability
The CVSS score of 5.5 and an EPSS score of less than 1% indicate moderate severity and a low probability of exploitation. The vulnerability is not listed in CISA’s KEV catalog, so no active exploits are known. The attack vector is local, requiring the ability to unmount a GFS2 file system. Unmounting normally requires root or CAP_SYS_ADMIN permissions, which is inferred from typical kernel behavior.
OpenCVE Enrichment
Debian DLA