Chenxiaosong

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The vulnerability is related to a race condition in the configfs component of the Linux kernel. When `configfs register subsystem()` or `configfs unregister subsystem()` is executing `link group()` or `unlink group()`, it is possible that two processes add or delete list concurrently, leading to kernel panic. The issue arises from the incorrect synchronization of access to shared resources. To fix this, a mutex is added when calling `link group()` or `unlink group()`, but a special case is handled when the parent `configfs subsystem` is NULL for the root `config item`. A new mutex `configfs subsystem mutex` is created to address this issue. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.