Linux Kernel NULL Pointer Dereference Vulnerability in ASoC RT711-SDCA Component

Vulnerability

A vulnerability in the Linux kernel's ASoC RT711-SDCA component can lead to a NULL pointer dereference, causing a kernel panic. This issue arises because the initial settings are applied before the codec probe function assigns the component. If an I/O error occurs during this process, it triggers a NULL pointer dereference. The vulnerability has been addressed by modifying the component's device reference to ensure proper assignment before the initial settings are applied.

Impact

Exploitation of this vulnerability causes a kernel panic due to a NULL pointer dereference, leading to a denial of service by crashing the system.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel NULL Pointer Dereference Vulnerability in ASoC RT711-SDCA Component

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating