Juhee Kang

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 5.14.0 **Description** The vulnerability occurs when the rule related to IDLETIMER is added, and the idletimer tg timer structure is initialized by kmalloc on executing the idletimer tg create function. However, in this process, timer->timer type is not defined to a specific value, resulting in a garbage value and kernel panic. The issue is resolved by initializing timer->timer type using kzalloc instead of kmalloc. **Recommendations** To resolve the issue, update the Linux kernel to a version that includes the fix for the vulnerability. Specifically, for Linux kernel versions prior to 5.14.0, update to version 5.14.0 or later. As a temporary workaround, consider disabling the IDLETIMER module until a patch is available.