Primary

Context

Linux Kernel Race Condition Vulnerability in fsl_lpuart Serial Driver Leading to NULL Pointer Dereference

Vulnerability

A race condition vulnerability has been identified in the Linux kernel's fsl_lpuart serial driver, specifically related to the handling of Direct Memory Access (DMA) shutdown. During the DMA shutdown process, DMA completion signals can be received prematurely, leading to a NULL pointer dereference. This occurs when the DMA shutdown process is interrupted, causing the driver's DMA reception descriptor to be cleared before it can be properly processed. As a result, the driver attempts to access a NULL pointer, causing a kernel crash.

Impact

Exploitation of this vulnerability leads to a kernel NULL pointer dereference, causing a system crash.

Remediation

The vulnerability has been addressed by modifying the DMA shutdown process to ensure that timers are not restarted after the DMA completion has been processed, preventing the race condition.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

3.5

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

3.5

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Race Condition Vulnerability in fsl_lpuart Serial Driver Leading to NULL Pointer Dereference

Vulnerability

Impact

Remediation

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating