Primary

Context

Linux Kernel NULL Pointer Dereference Vulnerability in iwlwifi Driver

Vulnerability

Patched

A vulnerability allowing a potential NULL pointer dereference has been identified in the Linux kernel's iwlwifi wireless driver. This issue arises in the Media Engine Interface (MEI) component when the driver attempts to clone a socket buffer (SKB). If the cloning process fails, the driver previously tried to use the invalid buffer, which could lead to a crash. The vulnerability has been addressed by modifying the driver to properly handle the failure case and avoid dereferencing a NULL pointer.

Impact

Exploitation of this vulnerability could lead to a system crash due to a NULL pointer dereference, causing a denial of service.

Added: Dec 30, 2025, 12:22 PM

Updated: Dec 30, 2025, 12:22 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

7.7

relevance

1.6

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

7.7

relevance

1.6

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel NULL Pointer Dereference Vulnerability in iwlwifi Driver

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating