Linux Kernel BCM2835 SPI NULL Pointer Dereference Vulnerability

Vulnerability

A vulnerability in the Linux kernel's BCM2835 SPI driver can lead to a NULL pointer dereference. This issue occurs in versions of the kernel that include the problematic commit, when an IRQ-based transfer times out. The 'bcm2835_spi_handle_err()' function is then called, but if the controller's DMA transmit or receive pointers are not set, it results in a NULL pointer dereference. The vulnerability has been addressed by adding checks to ensure these pointers are valid before they are accessed.

Impact

Exploitation of this vulnerability can cause a NULL pointer dereference, leading to a crash of the kernel or the affected process.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel BCM2835 SPI NULL Pointer Dereference Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating