Primary

Context

Linux Kernel RDMA/rxe Null Pointer Dereference Vulnerability

Vulnerability

Patched

A null pointer dereference vulnerability has been identified in the Linux kernel's RDMA/rxe component. This issue arises in the 'rxe_qp_do_cleanup' function, which is called by 'rxe_put' after the 'rxe_create_qp' function initializes a queue pair (QP). If an error occurs during initialization, the QP's send and receive completion queues are set to NULL. The cleanup function then accesses these queues without checking for NULL values first, leading to a dereference of a null pointer and a potential crash. This vulnerability affects several versions of the Linux kernel.

Impact

Exploitation of this vulnerability leads to a null pointer dereference, causing a kernel crash.

Added: Sep 1, 2025, 7:22 PM

Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

7.7

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

7.7

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel RDMA/rxe Null Pointer Dereference Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating