Linux Kernel ctucanfd NULL Pointer Dereference Vulnerability

Vulnerability

A vulnerability in the Linux kernel's ctucanfd component can lead to a NULL pointer dereference. This issue arises when the allocation of a socket buffer (skb) fails, leaving the pointer to the struct can_frame as NULL. While this NULL pointer scenario is addressed in most parts of the ctucan_err_interrupt() function, one location was overlooked, creating a potential vulnerability.

Impact

Exploitation of this vulnerability can cause a NULL pointer dereference, leading to a crash of the kernel or the affected process.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel ctucanfd NULL Pointer Dereference Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating