Linux Kernel NULL Pointer Dereference Vulnerability in MPOA_cache_impos_rcvd Function

Vulnerability

A NULL pointer dereference vulnerability has been identified in the Linux kernel's ATM subsystem. The issue arises in the MPOA_cache_impos_rcvd() function when both the 'entry' and 'holding_time' parameters are NULL. This condition allows a NULL 'entry' to be passed to the eg_cache_put() function, leading to a dereference error. The vulnerability has been logged by KASAN, indicating a general protection fault due to a NULL pointer dereference.

Impact

Exploitation of this vulnerability leads to a general protection fault, causing a crash by dereferencing a NULL pointer, as reported in the KASAN log.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel NULL Pointer Dereference Vulnerability in MPOA_cache_impos_rcvd Function

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating