Marek

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A NULL pointer fault was reported in the xenbus thread callstack. The issue occurs when the `req` object is freed while the xenbus thread is still using it, causing a kernel NULL pointer dereference. This happens because `req->cb` is set to `xs wake up()`, which can cause an immediate reschedule, allowing other processes to run before `wake up` returns. The problem is resolved by using two krefs on each request, one for the caller and one for xenbus thread, to track the request lifetime. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.