Linux Kernel NULL Pointer Dereference Vulnerability in QCOM SCM Driver

Vulnerability

A vulnerability in the Linux kernel's QCOM SCM driver can lead to a theoretical NULL pointer dereference. This issue arises when the SCM driver fails to properly clean up the global '__scm' variable upon probe failures. External users of the driver, such as those relying on the '__scm->mempool' for TZMEM parts, may assume the probe was successful and encounter a NULL pointer exception. The vulnerability is triggered by introducing probe deferral in the SCM driver, disrupting the expected initialization sequence.

Impact

Exploitation of this vulnerability could lead to a NULL pointer dereference, causing a crash or instability in the system.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel NULL Pointer Dereference Vulnerability in QCOM SCM Driver

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating