Linux Kernel igc Driver IGC_REMOVED Logic Reinstatement Vulnerability

Vulnerability

A vulnerability in the Linux kernel's igc driver has been addressed by reinstating and properly implementing the IGC_REMOVED logic, which was crucial for handling PCIe bus errors. The absence of this logic led to NULL pointer dereferences when a PCIe link flap occurred, causing various system errors. The vulnerability was present in the initial version of the igc driver code, where the IGC_REMOVED checks were omitted, allowing MMIO reads and writes to be performed blindly after a PCIe error.

Impact

The vulnerability could lead to NULL pointer dereferences, causing system crashes or unpredictable behavior when a PCIe link flap occurs on an affected igc adapter.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel igc Driver IGC_REMOVED Logic Reinstatement Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating