Linux Kernel MCTP I3C NULL Header Address Vulnerability

Vulnerability

A vulnerability in the Linux kernel's MCTP I3C implementation allows for a NULL header address to be mishandled. If there is no corresponding entry in the neighbour table, the transmission packet should be discarded. While the source address is typically assigned by the MCTP core, it is important to check for NULL in cases where a packet is sent by a different protocol.

Impact

Exploitation of this vulnerability could lead to improper handling of transmission packets, potentially causing unintended behavior in the MCTP I3C communication.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel MCTP I3C NULL Header Address Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating