A NULL pointer dereference flaw was found in the way the Linux kernel's ext4 file system driver handled certain corrupted file system images. An attacker with physical access to the system could use this flaw to crash the system.
It was reported that there are some exit points in ext4_fill_super which result in destruction of workqueue which is not yet initialized, leading to kernel NULL pointer dereference.
Oops report can be found in product bug:
Upstream fix (only part of the commit is related):
This problem did not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, 7 and MRG-2.
Red Hat would like to thank Dmitriy Monakhov of OpenVZ project for reporting this issue.
This issue has been addressed in the following products:
Red Hat Enterprise Linux 6
Via RHSA-2016:0855 https://rhn.redhat.com/errata/RHSA-2016-0855.html