Primary

Context

Linux Kernel Mediatek SVS IRQ Initialization Vulnerability

Vulnerability

Patched

A vulnerability in the Linux kernel's Mediatek SVS (Smart Voltage Scaling) driver can lead to a NULL pointer dereference. This issue occurs when the system is booted using kexec, as the peripheral may trigger an interrupt request (IRQ) before the necessary data structures are fully initialized. The vulnerability has been addressed by modifying the IRQ handling to occur later in the initialization process.

Impact

Exploitation of this vulnerability causes a kernel NULL pointer dereference, leading to a crash of the affected system component or process.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been fixed. Instructions for downloading the patched version are available on the Linux kernel official website.

Added: Dec 24, 2025, 4:13 PM

Updated: Dec 24, 2025, 4:13 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

7.7

relevance

1.6

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

7.7

relevance

1.6

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Mediatek SVS IRQ Initialization Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating