Primary

Context

Linux Kernel NULL Pointer Dereference Vulnerability in WWAN IOSM Driver

Vulnerability

Patched

A NULL pointer dereference vulnerability has been identified in the Linux kernel's WWAN IOSM driver. This issue occurs during the device removal process, particularly after a suspend and resume cycle. If the driver initialization fails to allocate the necessary resources due to invalid device capabilities, the subsequent removal procedure can lead to a NULL pointer exception. This happens because the unallocated WWAN structure is dereferenced, causing a crash. The vulnerability has been addressed in the upstream commit 60829145f1e2650b31ebe6a0ec70a9725b38fa2c.

Impact

Exploitation of this vulnerability leads to a NULL pointer dereference, causing a kernel crash.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been fixed.

Added: Oct 4, 2025, 5:22 PM

Updated: Oct 4, 2025, 5:22 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

7.7

relevance

0.6

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

7.7

relevance

0.6

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel NULL Pointer Dereference Vulnerability in WWAN IOSM Driver

Vulnerability

Impact

Remediation

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating