Linux Kernel Kunit Framework Null Dereference Vulnerability

Vulnerability

A potential null pointer dereference vulnerability has been identified in the Linux kernel's Kunit testing framework. The issue arises in the 'kunit_device_driver_test()' function, where 'kunit_kzalloc()' may return a NULL pointer. Dereferencing this pointer without a proper NULL check can lead to a null dereference error. The vulnerability has been addressed by adding a NULL check for the 'test_state' variable.

Impact

Exploitation of this vulnerability could lead to a null pointer dereference, causing a crash or undefined behavior in the kernel.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Kunit Framework Null Dereference Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating