Linux Kernel NULL Pointer Dereference Vulnerability in XSK Socket Teardown

Vulnerability

A race condition leading to a NULL pointer dereference has been identified in the teardown path of the Linux kernel's XSK (AF_XDP, eXpress Data Path) sockets. The unbind procedure sets the socket's device reference to NULL before ensuring that all network processing has completed, so a process may dereference a NULL device pointer and crash the kernel. The issue is exacerbated because the synchronization mechanism used does not account for all data plane operations, which can allow the socket's state to be cleaned up while it is still in use.
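
The ordering problem described above, replayed as a deterministic single-threaded model. This is an added example, not kernel code or the upstream fix: every type, field and function name in it is hypothetical, and the "lock" is a flag that stands in for a receive-side lock held across both the bound check and the device access.

```c
#include <stdbool.h>
#include <stdio.h>

/* Hypothetical userspace model; none of these names are kernel identifiers. */
struct dev  { int ifindex; };
struct sock { struct dev *dev; bool bound; bool rx_locked; };
enum rx_result { RX_OK, RX_DROPPED, RX_NULL_DEREF };

/* Receive step 1: bound check. With use_lock the lock spans check and use. */
static bool rx_begin(struct sock *s, bool use_lock)
{
    if (use_lock) s->rx_locked = true;
    if (!s->bound) { s->rx_locked = false; return false; }
    return true;
}

/* Receive step 2: touch the device; a NULL here is where the kernel oopses. */
static enum rx_result rx_finish(struct sock *s)
{
    s->rx_locked = false;
    return s->dev ? RX_OK : RX_NULL_DEREF;
}

/* Teardown; false = must wait. Without use_lock it ignores this receive path. */
static bool unbind(struct sock *s, bool use_lock)
{
    if (use_lock && s->rx_locked) return false;
    s->bound = false; s->dev = NULL;
    return true;
}

/* Constructed schedule: check passes, teardown runs, receiver resumes, late packet. */
enum rx_result replay(bool use_lock, enum rx_result *late)
{
    struct dev d = { 1 };
    struct sock s = { &d, true, false };
    if (!rx_begin(&s, use_lock)) return RX_DROPPED;
    bool done = unbind(&s, use_lock);
    enum rx_result r = rx_finish(&s);
    if (!done) unbind(&s, use_lock);  /* lock released, teardown completes */
    *late = rx_begin(&s, use_lock) ? rx_finish(&s) : RX_DROPPED;
    return r;
}

int main(void)
{
    enum rx_result late, racy = replay(false, &late);
    printf("unlocked=%d locked=%d\n", racy, replay(true, &late));
    return 0;
}
```

In both runs a packet that arrives after teardown is dropped cleanly; only the in-flight receiver that teardown failed to wait for reaches the NULL device pointer.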

Impact

Exploitation of this vulnerability causes a kernel panic due to a NULL pointer dereference, which can lead to a denial of service by crashing the system.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 2.5
exploitability: 3.5
remediation: 0.0
relevance: 0.0
threat: 3.2
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.