Impact
The vulnerability arises from the Linux kernel lacking a cap on busy_poll activity in the io_uring implementation, allowing a NAPI polling loop to run indefinitely when no events are found. This can cause the kernel to complain that a task is stuck because there is no conditional rescheduling within the loop, potentially leading to kernel stability issues or denial of service at the system level.
Affected Systems
The affected product is the Linux kernel provided by the Linux vendor. No specific version range is identified in the data.
Risk and Exploitability
The weakness is a local kernel issue that may be io_uring with busy_poll enabled. The CVSS score is 5.5, the EPSS score is < 1%, and the vulnerability is not listed in the CISA KEV catalog, indicating limited publicly known exploitation but a potential on a target system. The attack vector is inferred to be local or via privileged code interacting with io_uring.
OpenCVE Enrichment