Linux Kernel GPIO Chip Error Handling Null Pointer Dereference Vulnerability

Vulnerability

A vulnerability in the Linux kernel's GPIO (General Purpose Input/Output) subsystem has been addressed. The issue arose in the 'gpiochip_get_ngpios()' function, which used 'chip_*()' macros to print messages. These macros require 'gpiodev' to be initialized, a condition not met when 'bgpio_init()' is called. This mismatch led to a crash due to a NULL pointer dereference. The solution involved replacing the 'chip_*()' macros with the corresponding 'dev_*()' ones to prevent the crash.

Impact

The vulnerability could lead to a system crash by causing a NULL pointer dereference.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel GPIO Chip Error Handling Null Pointer Dereference Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating