Linux Kernel NULL Pointer Dereference Vulnerability in net/mlx5e Component

Vulnerability

A NULL pointer dereference vulnerability has been identified in the Linux kernel's net/mlx5e component. This issue arises when a module is unloaded while a peer traffic control (tc) flow is still offloaded. The vulnerability occurs because the peer uplink representative profile is switched to a network interface card (NIC) profile, leading to the destruction of the neighbor encapsulation lock. During the module unload process, the virtual function representative network devices are unregistered, causing the deletion of the original non-peer tc flow, which in turn removes the peer flow. This deletion process attempts to access the already destroyed encapsulation lock, resulting in a kernel NULL pointer dereference.

Impact

Exploitation of this vulnerability leads to a kernel NULL pointer dereference, causing a crash or undefined behavior in the system.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel NULL Pointer Dereference Vulnerability in net/mlx5e Component

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating