Linux Kernel LZMA Decompression NULL Pointer Dereference Vulnerability on HIGHMEM Platforms

Vulnerability

A vulnerability in the Linux kernel's EROFS file system has been fixed, which involved an incorrect handling of memory pages during LZMA decompression on HIGHMEM platforms. This mismanagement led to a NULL pointer dereference, causing a kernel crash. The issue has been resolved, and the vulnerability no longer affects HIGHMEM platforms.

Impact

Exploitation of this vulnerability could lead to a kernel crash due to a NULL pointer dereference, disrupting system operations.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel LZMA Decompression NULL Pointer Dereference Vulnerability on HIGHMEM Platforms

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating