Linux Kernel NULL Pointer Dereference Vulnerability in Crypto Driver

Vulnerability

A vulnerability in the Linux kernel's crypto driver for the OcteonTX2 platform has been addressed. The issue was a NULL pointer dereference that occurred in the driver release process when the CONFIG_DM_CRYPT option was enabled. The vulnerability arose because the driver improperly handled the dm-crypt feature, leading to a crash. The driver has been updated to remove the unnecessary CONFIG_DM_CRYPT check, which resolves the NULL pointer dereference issue.

Impact

Exploitation of this vulnerability leads to a kernel NULL pointer dereference, causing a system crash.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel NULL Pointer Dereference Vulnerability in Crypto Driver

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating