Linux Kernel NULL Pointer Dereference Vulnerability in DSA VLAN Filtering

Vulnerability

A NULL pointer dereference vulnerability has been identified in the Linux kernel's Distributed Switch Architecture (DSA) component. The issue arises in the 'dsa_port_reset_vlan_filtering' function, where the 'ds' iterator variable overwrites the 'dp' argument. This flaw leads to an invalid dereference in switches with global VLAN filtering enabled, after they have exited a VLAN-aware bridge. The vulnerability has been addressed by introducing a separate iterator variable to prevent the overwrite.

Impact

Exploitation of this vulnerability could lead to a NULL pointer dereference, causing a kernel crash or other undefined behavior.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel NULL Pointer Dereference Vulnerability in DSA VLAN Filtering

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating