Linux Kernel NULL Pointer Dereference Vulnerability in Micrel PHY Driver

Vulnerability

A vulnerability in the Linux kernel's handling of Micrel PHY drivers can lead to a NULL pointer dereference. This issue occurs when the .probe function is defined in the phy_driver structure without accompanying .driver_data. The absence of .driver_data triggers a NULL pointer dereference. The vulnerability has been addressed by allowing the .probe function to be used without .driver_data, adding NULL checks to prevent the dereference.

Impact

Exploitation of this vulnerability can cause a NULL pointer dereference, leading to a crash of the kernel or the affected process.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel NULL Pointer Dereference Vulnerability in Micrel PHY Driver

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating