Primary

Context

Linux Kernel Null Dereference Vulnerability in /proc/pid/smaps_rollup

Vulnerability

Patched

A null pointer dereference vulnerability has been introduced in the Linux kernel's /proc/pid/smaps_rollup feature. This issue arises when there are no virtual memory areas (VMAs) associated with a task, leading to a null dereference in the show_smaps_rollup function. The vulnerability was introduced by a commit that converted the smaps_rollup handling to a single value sequence file, and it has been fixed in a subsequent commit.

Impact

Exploitation of this vulnerability leads to a null pointer dereference, which can cause a kernel crash or potentially be exploited for arbitrary code execution in the kernel context.

Added: Oct 4, 2025, 7:20 PM

Updated: Oct 4, 2025, 7:20 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

7.7

relevance

0.6

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

7.7

relevance

0.6

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Null Dereference Vulnerability in /proc/pid/smaps_rollup

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating