Linux Kernel Switchdev Configuration Vulnerability in Intel Ice Driver

Vulnerability

A vulnerability in the Linux kernel's Intel Ice Ethernet driver can lead to a NULL pointer dereference. This issue arises in the 'ice_eswitch_port_start_xmit' function, where transmission may occur before the switchdev configuration is fully completed, potentially causing a crash. The vulnerability affects the Linux kernel stable tree.

Impact

The vulnerability can cause a NULL pointer dereference, leading to a system crash.
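
Added example, not part of the original advisory and not kernel or driver code: a triage script that scans kernel log text for NULL pointer dereference oopses and flags those whose faulting instruction lies in ice_eswitch_port_start_xmit. The sample log is constructed for illustration; its timestamps, addresses, offsets and the example_mod module are made up.

```python
import re

TARGET = "ice_eswitch_port_start_xmit"  # function named in the advisory

OOPS = re.compile(r"BUG: kernel NULL pointer dereference, address: (\S+)")
# Kernel-mode RIP line, e.g. "RIP: 0010:func+0x2a/0x90 [module]"
RIP = re.compile(r"RIP: \d+:([\w.]+)\+0x[0-9a-f]+/0x[0-9a-f]+")
END = re.compile(r"---\[ end trace")

# Constructed sample: timestamps, offsets and example_mod are made up.
SAMPLE_LOG = """\
[  812.204511] BUG: kernel NULL pointer dereference, address: 0000000000000000
[  812.204530] #PF: supervisor read access in kernel mode
[  812.204561] RIP: 0010:ice_eswitch_port_start_xmit+0x2a/0x90 [ice]
[  812.204600] Call Trace:
[  812.204610]  dev_hard_start_xmit+0x9d/0x1d0
[  812.204700] ---[ end trace 0000000000000000 ]---
[ 1290.000100] BUG: kernel NULL pointer dereference, address: 0000000000000010
[ 1290.000140] RIP: 0010:example_other_func+0x11/0x40 [example_mod]
[ 1290.000200] ---[ end trace 0000000000000000 ]---
"""

def find_null_derefs(log_text):
    """Return one dict per NULL-deref oops with its faulting symbol."""
    reports, cur = [], None
    for line in log_text.splitlines():
        m = OOPS.search(line)
        if m:
            if cur:                      # previous oops was cut off mid-report
                reports.append(cur)
            cur = {"address": m.group(1), "symbol": None, "matches_advisory": False}
        elif cur is not None:
            m = RIP.search(line)
            if m and cur["symbol"] is None:
                cur["symbol"] = m.group(1)
                # Compiler suffixes (.cold, .isra.0) still name the same function.
                cur["matches_advisory"] = m.group(1).split(".")[0] == TARGET
            elif END.search(line):
                reports.append(cur)
                cur = None
    if cur:                              # log ended before "end trace"
        reports.append(cur)
    return reports

if __name__ == "__main__":
    for r in find_null_derefs(SAMPLE_LOG):
        verdict = "matches advisory" if r["matches_advisory"] else "unrelated"
        print(f"{r['symbol']} @ {r['address']}: {verdict}")
```

To use it on a real host, pass the text of `dmesg` or `journalctl -k` to `find_null_derefs` instead of the sample.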

Reproduction

The vulnerability can be reproduced by calling the 'ice_eswitch_port_start_xmit' function in the Intel Ice driver before the switchdev configuration is fully completed. This can be done by initiating a transmission while the necessary resources are still being allocated, which will result in a NULL pointer dereference and a system crash.

Remediation

The vulnerability has been addressed in the Linux kernel. Users can upgrade to the latest version of the stable Linux kernel to apply the fix.

Added: Oct 7, 2025, 5:20 PM
Updated: Oct 7, 2025, 5:20 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 5.7
remediation: 7.7
relevance: 0.7
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.