Linux Kernel NULL Pointer Dereference Vulnerability in DSA Switch Shutdown

Vulnerability

A vulnerability in the Linux kernel's handling of DSA (Distributed Switch Architecture) switches can lead to a NULL pointer dereference during the shutdown process. This issue arises when multiple switches are probed simultaneously, causing all but the last switch to exit early without fully initializing. As a result, the driver's shutdown method may attempt to access uninitialized data structures, leading to a panic. The vulnerability has been addressed by adding a check to ensure that the switch being shut down has been properly initialized.

Impact

Exploitation of this vulnerability causes a kernel panic due to a NULL pointer dereference, disrupting system operations.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel NULL Pointer Dereference Vulnerability in DSA Switch Shutdown

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating