Linux Kernel Netfs NULL Pointer Dereference Vulnerability

Vulnerability

A vulnerability in the Linux kernel's netfs component can lead to a NULL pointer dereference. This issue arises because netfs improperly iterates over an xarray while under the RCU read lock, failing to include necessary retry calls. As a result, the xarray walker may return a special value indicating that the iteration needs to be restarted, potentially causing a kernel oops by dereferencing a NULL pointer. The vulnerability has been addressed by adding the missing retry checks.

Impact

Exploitation of this vulnerability causes a kernel NULL pointer dereference, leading to a system crash.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

3.5

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

3.5

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Netfs NULL Pointer Dereference Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating