Linux Kernel NULL Pointer Dereference Vulnerability in mlx5 Chains Error Handling

Vulnerability

A vulnerability in the Linux kernel's handling of error conditions in the mlx5 networking component can lead to NULL pointer dereferences. This issue arises in the mlx5_chains_create_table() function, where the return values of mlx5_get_fdb_sub_ns() and mlx5_get_flow_namespace() are not properly checked. If either function fails, the error should be logged with mlx5_core_warn() and an error pointer should be returned.

Impact

Exploitation of this vulnerability can lead to NULL pointer dereferences, potentially causing a denial-of-service condition by crashing the kernel or disrupting normal operations.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel NULL Pointer Dereference Vulnerability in mlx5 Chains Error Handling

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating