Linux Kernel NFC FDP Null Pointer Dereference Vulnerability Allowing Out-of-Bounds Write

Vulnerability

A vulnerability in the Linux kernel's NFC (Near Field Communication) subsystem has been addressed. The issue arose in the FDP (Flexible Data Protocol) component, specifically within the I2C (Inter-Integrated Circuit) communication. The vulnerability was due to a lack of proper null pointer checks when allocating memory for device properties. This oversight could lead to a null pointer dereference, allowing for an out-of-bounds write operation when the device properties were read later, potentially causing memory corruption.

Impact

Exploitation of this vulnerability could lead to memory corruption through out-of-bounds write operations, which may allow for arbitrary code execution or escalation of privileges.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel NFC FDP Null Pointer Dereference Vulnerability Allowing Out-of-Bounds Write

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating