Linux Kernel Null Pointer Dereference Vulnerability in RPM Power Domain Management

Vulnerability

A vulnerability in the Linux kernel's RPM power domain management can lead to a null pointer dereference. This issue arises because the allocation function 'devm_kcalloc' may fail, leaving 'data->domains' as a null pointer. If this null pointer is later dereferenced, it can cause a crash. The vulnerability has been addressed by adding a check for null allocations, ensuring that -ENOMEM is returned without manually releasing data if the allocation fails.

Impact

Exploitation of this vulnerability can lead to a null pointer dereference, causing a kernel crash.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Null Pointer Dereference Vulnerability in RPM Power Domain Management

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating