Linux Kernel NULL Pointer Dereference Vulnerability in ASoC SOF Stream IPC

Vulnerability

A vulnerability in the Linux kernel's ASoC SOF stream IPC component can lead to a NULL pointer dereference. The issue arises because the nullity of the 'cstream' variable is not properly checked, similar to the validation performed in the 'sof_set_stream_data_offset()' function. This oversight can cause a NULL pointer dereference, potentially leading to a denial-of-service condition.

Impact

Exploitation of this vulnerability causes a NULL pointer dereference, leading to a denial-of-service condition.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel NULL Pointer Dereference Vulnerability in ASoC SOF Stream IPC

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating