Linux Kernel SPI-FSL-QSPI Null Pointer Dereference Vulnerability

Vulnerability

A null pointer dereference vulnerability has been identified in the Linux kernel's SPI-FSL-QSPI component. This issue arises because the code does not properly check the return value of the 'platform_get_resource_byname()' function. If this function returns NULL, it can lead to a null pointer dereference, causing a potential crash or undefined behavior.

Impact

Exploitation of this vulnerability leads to a null pointer dereference, which can cause a system crash or other undefined behavior.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel SPI-FSL-QSPI Null Pointer Dereference Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating