Linux Kernel DSA Felix Driver NULL Pointer Dereference Vulnerability

Vulnerability

A vulnerability in the Linux kernel's DSA (Distributed Switch Architecture) subsystem, specifically within the Felix driver, can lead to a NULL pointer dereference. This issue arises when the tagging protocol change operation fails, causing the system to incorrectly handle the error and potentially corrupt data structures. The vulnerability can be reproduced by forcing an error while the driver is in 802.1Q tagging mode, which crashes the kernel.

Impact

Exploitation of this vulnerability causes a kernel crash due to a NULL pointer dereference.

Reproduction

The vulnerability can be reproduced by echoing 'ocelot-8021q' into the DSA tagging interface of a network port, followed by an attempt to change the tagging protocol to 'edsa', which triggers an error. This sequence of actions causes the kernel to crash, as the error handling process leads to a NULL pointer dereference.
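For triage, the following read-only check lists which interfaces expose a DSA tagging attribute and flags those currently in 'ocelot-8021q' mode, the mode named above. It is an added example, not part of the original advisory or the kernel source. It assumes the "DSA tagging interface" is the sysfs attribute /sys/class/net/<iface>/dsa/tagging; the function name, the REVIEW/OK labels and the optional root argument are hypothetical.

```shell
#!/bin/sh
# Added example: read-only inventory of DSA tagging protocols.
# Assumption: the tagging interface is /sys/class/net/<iface>/dsa/tagging,
# present on the CPU-facing interface of a DSA switch.

# dsa_tagging_report [SYSFS_ROOT]
# Prints one line per interface that has a dsa/tagging attribute:
#   <iface> <protocol> <status>
# status is REVIEW when the protocol is ocelot-8021q, OK otherwise.
# Returns 1 if at least one interface is REVIEW, 0 otherwise.
# REVIEW means "check this host's kernel for the fix", not "confirmed affected".
dsa_tagging_report() {
    root=${1:-/sys}
    flagged=0
    for attr in "$root"/class/net/*/dsa/tagging; do
        # Skip when the glob matched nothing or the file is unreadable.
        [ -r "$attr" ] || continue
        # Extract <iface> from <root>/class/net/<iface>/dsa/tagging.
        iface=${attr#"$root"/class/net/}
        iface=${iface%%/*}
        # The attribute holds one protocol name; skip it if empty.
        IFS= read -r proto < "$attr" || [ -n "$proto" ] || continue
        case $proto in
            ocelot-8021q) status=REVIEW; flagged=1 ;;
            *)            status=OK ;;
        esac
        printf '%s %s %s\n' "$iface" "$proto" "$status"
    done
    return "$flagged"
}
```

Run `dsa_tagging_report` with no argument to inspect the live /sys tree; it only reads the attribute and never writes to it.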

Added: Jun 18, 2025, 6:34 PM
Updated: Jun 18, 2025, 6:34 PM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 2.5
exploitability: 5.7
remediation: 7.7
relevance: 0.2
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.