Linux Kernel RDMA/bnxt_re Callback Sanity Check Vulnerability Leading to NULL Pointer Dereference

Vulnerability

A vulnerability in the Linux kernel's RDMA/bnxt_re component has been addressed, which involved inadequate sanity checks on the validity of the rdev (RDMA device) during certain callback operations. Specifically, the ulp_irq_stop and ulp_irq_start callbacks could be invoked while the device was detached, potentially causing a crash by dereferencing a NULL pointer, as the rdev would have already been freed.

Impact

Exploitation of this vulnerability could lead to a system crash due to a NULL pointer dereference.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel RDMA/bnxt_re Callback Sanity Check Vulnerability Leading to NULL Pointer Dereference

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating