Primary

Context

Linux Kernel NULL Pointer Dereference Vulnerability in IOMMU OMAP Handling

Vulnerability

A NULL pointer dereference vulnerability has been introduced in the Linux kernel's IOMMU OMAP handling. This issue arises from a regression caused by a recent commit that improperly changed the return type of a function, leading the OMAP IOMMU probe to return a success value instead of an error pointer. As a result, certain OMAP variants experience a NULL pointer dereference during the IOMMU device probing process.

Impact

Exploitation of this vulnerability leads to a NULL pointer dereference, causing a crash or denial-of-service condition on the affected system.

Reproduction

The vulnerability can be reproduced by initializing the OMAP IOMMU, which triggers the IOMMU device probing process. The improper return value from the OMAP IOMMU probe function causes a NULL pointer dereference, leading to a system crash.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.3

remediation

0.0

relevance

0.0

threat

4.8

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.3

remediation

0.0

relevance

0.0

threat

4.8

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel NULL Pointer Dereference Vulnerability in IOMMU OMAP Handling

Vulnerability

Impact

Reproduction

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating