Linux Kernel SUNRPC NULL Pointer Dereference Vulnerability in Tracing Subsystem

Vulnerability

A vulnerability in the Linux kernel's SUNRPC component can lead to a NULL pointer dereference crash when an 'svc_rqst' request is deferred while the SUNRPC tracing subsystem is active. This issue arises because the 'svc_revisit()' function clears the 'xprt' field, removing the remote address needed for the tracepoint, which can cause a crash by dereferencing a NULL value. The vulnerability has been addressed by modifying the trace event to safely handle the remote address, allowing the fix to be backported to stable kernel versions.

Impact

Exploitation of this vulnerability causes a crash due to a NULL pointer dereference, disrupting system operations.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel SUNRPC NULL Pointer Dereference Vulnerability in Tracing Subsystem

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating