Volerion logoVolerion
Volerion logoVolerion

Linux Kernel iwlwifi NULL Pointer Dereference Vulnerability in PCIe Driver

Vulnerability

A vulnerability in the Linux kernel's iwlwifi PCIe driver can lead to a NULL pointer dereference. This issue arises when the iwl_pci_probe() function fails and frees the 'trans' variable. Subsequently, the iwl_pci_remove() function is called, attempting to access the already-freed 'trans', which causes a crash. The vulnerability affects the Linux kernel stable group, specifically within the wireless Intel iwlwifi PCIe driver.

Impact

The vulnerability causes a kernel panic due to a NULL pointer dereference, where the system crashes after attempting to access a memory address that has already been freed.

Reproduction

The vulnerability can be reproduced by loading a wireless Intel iwlwifi PCIe driver version that contains the flaw. When the driver is removed, it attempts to access a pointer that has already been freed, leading to a crash.

Remediation

Users can upgrade to the latest patched version of the Linux kernel where this vulnerability has been addressed.

Added: Dec 24, 2025, 4:19 PM
Updated: Dec 24, 2025, 4:19 PM

Vulnerability Rating

Custom Algorithm
spread
9.0
impact
2.5
exploitability
3.8
remediation
7.7
relevance
1.6
threat
4.8
urgency
2.9
incentive
1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.