Linux Kernel mlxsw Spectrum NULL Pointer Dereference Vulnerability via CPU Port Event Processing

Vulnerability

A vulnerability in the Linux kernel's mlxsw spectrum driver can lead to a NULL pointer dereference. This issue arises when the driver processes events from the device's firmware related to local ports. While the driver correctly handles events for non-existent local ports, it fails to do so for the CPU port (local port 0). Although the CPU port exists, it lacks the same initialization as other local ports. As a result, accessing uninitialized fields in the 'struct mlxsw_sp_port' can cause a NULL pointer dereference. The vulnerability has been addressed by generalizing the event processing approach to include checks for the CPU port, preventing the driver from crashing when it receives unhandled events.

Impact

Exploitation of this vulnerability leads to a NULL pointer dereference, causing a kernel crash.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel mlxsw Spectrum NULL Pointer Dereference Vulnerability via CPU Port Event Processing

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating