Linux Kernel PL031 RTC Feature Null Pointer Dereference Vulnerability

Vulnerability

A null pointer dereference vulnerability has been identified in the Linux kernel's PL031 Real-Time Clock (RTC) driver. This issue arises when there is no interrupt line, causing the RTC alarm feature to be disabled. The vulnerability occurs because the alarm feature bit is cleared before the RTC device is allocated, leading to a null pointer dereference. The issue has been resolved by adjusting the timing of the alarm feature bit clearance, ensuring it occurs after the RTC device allocation.

Impact

Exploitation of this vulnerability leads to a null pointer dereference, causing a kernel crash.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel PL031 RTC Feature Null Pointer Dereference Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating