Jan Höppner

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue concerns the Linux kernel, specifically the s390/dasd component, where the device queue is not protected against concurrent access. In the `dasd profile start()` function, the amount of requests on the device queue is counted, but this access is unprotected, leading to potential kernel panics due to incorrect pointer accesses, especially with parallel I/O and alias devices enabled. The fix involves taking the device lock before accessing the queue and counting requests, and checking for a valid profile data pointer earlier to avoid unnecessary locking. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.