Linux Kernel NULL Pointer Dereference Vulnerability in ASoC: SOF: Intel

Vulnerability

A NULL pointer dereference vulnerability has been identified in the Linux kernel's ASoC: SOF: Intel component. This issue arises when the function snd_dma_alloc_pages() fails and returns an 'ENOMEM' error, yet snd_dma_free_pages() is still called. The error handling is inadequate, leading to a NULL pointer dereference. This vulnerability has been observed in the error logs, which indicate a memory allocation failure followed by a kernel NULL pointer dereference, causing a page fault error.

Impact

Exploitation of this vulnerability leads to a kernel NULL pointer dereference, causing a page fault error due to a supervisor read access violation in kernel mode.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel NULL Pointer Dereference Vulnerability in ASoC: SOF: Intel

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating