Linux Kernel SCSI mpt3sas NULL Pointer Dereference Vulnerability

Vulnerability

A vulnerability in the Linux kernel's SCSI mpt3sas driver can lead to a NULL pointer dereference, causing a kernel crash. The issue occurs in the 'mpt3sas_transport_port_add()' function when 'sas_rphy_add()' fails. Because the error path does not free the allocated resources, the kernel crashes when the system attempts to remove the device.

Impact

Exploitation of this vulnerability causes a kernel crash due to a NULL pointer dereference, disrupting system operations and potentially leading to a denial of service.

Reproduction

To reproduce this vulnerability, add a SCSI device using the mpt3sas driver and simulate an error during the 'sas_rphy_add()' process. This can be done by modifying the driver to return an error when adding the SCSI device, which will trigger the resource leak and subsequent NULL pointer dereference when the device is removed.
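The add-fails-then-remove sequence described above, as a user-space model added here for illustration; it is not code from the kernel or the mpt3sas driver. The structs, the `dev_state` field, the `hardened` flag and the cleanup shown are assumptions; only the role of 'sas_rphy_add()' is taken from the page.

```c
#include <stdlib.h>

/* Hypothetical stand-ins for the driver's objects; not kernel structures. */
struct rphy { int *dev_state; };      /* assumed: set only by a successful add */
struct port { struct rphy *rphy; };
static int live_rphys;                /* outstanding rphy allocations */

static struct rphy *rphy_alloc(void)
{
    struct rphy *r = calloc(1, sizeof(*r));
    if (r) live_rphys++;
    return r;
}
static void rphy_free(struct rphy *r)
{
    free(r->dev_state);
    free(r);
    live_rphys--;
}
/* Models sas_rphy_add(); 'fail' is the injected error from Reproduction. */
static int rphy_add(struct rphy *r, int fail)
{
    if (fail) return -1;
    r->dev_state = calloc(1, sizeof(int));
    return r->dev_state ? 0 : -1;
}
/* hardened=0 keeps the half-built rphy on the port; hardened=1 frees it. */
static int port_add(struct port *p, int fail, int hardened)
{
    if (!(p->rphy = rphy_alloc())) return -1;
    if (rphy_add(p->rphy, fail) == 0) return 0;
    if (hardened) { rphy_free(p->rphy); p->rphy = NULL; }
    return -1;
}
/* Returns 0 on clean removal, -1 where kernel code would dereference NULL. */
static int port_remove(struct port *p)
{
    if (!p->rphy) return 0;               /* nothing attached */
    if (!p->rphy->dev_state) return -1;   /* never-added rphy: the crash site */
    rphy_free(p->rphy);
    p->rphy = NULL;
    return 0;
}
/* Add then remove one port; returns port_remove()'s result. */
static int scenario(int fail, int hardened)
{
    struct port p = {0};
    port_add(&p, fail, hardened);
    return port_remove(&p);
}
int main(void) { return scenario(1, 1); } /* hardened path: exits 0 */
```

In the model, `scenario(1, 0)` returns -1 and leaves `live_rphys` at 1, which corresponds to the leaked allocation and the crash on removal; `scenario(1, 1)` removes cleanly.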

Remediation

Users can apply the latest patches available in the Linux kernel stable tree to address this vulnerability.

Added: Oct 7, 2025, 6:25 PM
Updated: Oct 7, 2025, 6:25 PM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 2.5
exploitability: 4.3
remediation: 7.7
relevance: 0.7
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.