Linux Kernel HPA Ordering Validation Vulnerability in CXL Region Component

Vulnerability

A vulnerability in the Linux kernel's CXL region handling has been addressed. The issue arose because some regions might not have allocated address space, leading to a NULL pointer dereference and a kernel crash. This crash occurred during the validation of HPA order when a region without allocated space was processed. The vulnerability was introduced in the CXL core region management, specifically when attaching regions to ports.

Impact

The vulnerability could lead to a kernel crash due to a NULL pointer dereference, disrupting system operations and potentially causing a denial of service.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel HPA Ordering Validation Vulnerability in CXL Region Component

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating