Volerion logoVolerion
Volerion logoVolerion

Linux Kernel NULL Pointer Dereference Vulnerability in Intel DRM Subsystem

Vulnerability

A vulnerability allowing a NULL pointer dereference has been identified in the Linux kernel's Intel Direct Rendering Manager (DRM) subsystem, specifically within the i915 graphics driver. This issue arises because the function 'intel_atomic_get_new_crtc_state' can return NULL if the current state was not previously retrieved with 'intel_atomic_get_crtc_state'. The vulnerability exists in several versions of the Linux kernel.

Impact

Exploitation of this vulnerability leads to a NULL pointer dereference, causing a crash or undefined behavior in the kernel.

Reproduction

The vulnerability can be reproduced by triggering a scenario where 'intel_atomic_get_new_crtc_state' is called without prior state retrieval, leading to a NULL pointer dereference. This can occur during the handling of plane state in the Intel DRM subsystem.

Remediation

Users can apply the latest patches available in the Linux kernel stable tree to address this vulnerability.

Added: Dec 9, 2025, 4:25 PM
Updated: Dec 10, 2025, 12:35 AM

Vulnerability Rating

Custom Algorithm
spread
9.0
impact
2.5
exploitability
5.7
remediation
7.7
relevance
1.4
threat
4.8
urgency
2.9
incentive
1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.