Primary

Context

Linux Kernel Vidtv Driver Null Pointer Dereference Vulnerability

Vulnerability

A null pointer dereference vulnerability has been identified in the Linux kernel's Vidtv driver. This issue arises in the 'vidtv_mux_stop_thread' function when the 'dvb->mux' variable is not properly initialized by 'vidtv_mux_init' during the 'vidtv_start_streaming' process. The flaw can be triggered by stopping a streaming feed that has not been correctly set up, leading to a crash.

Impact

Exploitation of this vulnerability causes a null pointer dereference, which typically results in a system crash or denial of service.

Reproduction

The vulnerability can be reproduced by initializing a DVB feed with the Vidtv driver and then stopping the feed before the mux has been properly set up. This sequence will trigger the null pointer dereference in the 'vidtv_mux_stop_thread' function.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.7

remediation

0.0

relevance

0.0

threat

4.8

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.7

remediation

0.0

relevance

0.0

threat

4.8

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Vidtv Driver Null Pointer Dereference Vulnerability

Vulnerability

Impact

Reproduction

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating