Linux Kernel Agilent USB Dongle NULL Dereference Vulnerability

Vulnerability

A NULL pointer dereference in the Linux kernel's GPIB staging driver has been fixed. The issue occurred when an Agilent USB dongle was disconnected: the bus interface was set to NULL, and later use of it crashed the kernel. The problem arose from a change that obtained the USB device from the bus interface for device messages without checking for NULL in all relevant functions. The fix validates the bus interface at all entry points and returns an 'ENODEV' error if it is NULL.
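The check-on-entry pattern described above, modelled in user-space C as an added example; it is not the kernel patch, and the struct and function names (dongle_priv, dongle_read, dongle_write, dongle_disconnect) are hypothetical stand-ins for the driver's own.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical stand-ins for the driver state; not the kernel's real types. */
struct usb_iface { int dev_id; };
struct dongle_priv { struct usb_iface *bus_interface; };

/* Models unplugging the dongle: the driver clears bus_interface. */
void dongle_disconnect(struct dongle_priv *p) { p->bus_interface = NULL; }

/* Pre-fix shape: uses bus_interface without a check. Calling this after
 * disconnect dereferences NULL, which in the kernel is an Oops. */
int dongle_read_unchecked(struct dongle_priv *p)
{
    return p->bus_interface->dev_id;
}

/* Post-fix shape: every entry point validates the pointer first. */
int dongle_read(struct dongle_priv *p)
{
    struct usb_iface *intf = p->bus_interface;
    if (!intf)
        return -ENODEV;          /* device is gone: fail cleanly */
    return intf->dev_id;
}

int dongle_write(struct dongle_priv *p, int len)
{
    if (!p->bus_interface)
        return -ENODEV;          /* same check at a second entry point */
    return len;                  /* pretend all bytes were written */
}

int main(void)
{
    struct usb_iface intf = { 7 };   /* constructed sample device */
    struct dongle_priv p = { &intf };

    printf("read before unplug: %d\n", dongle_read(&p));
    dongle_disconnect(&p);
    printf("read after unplug:  %d\n", dongle_read(&p));
    printf("write after unplug: %d\n", dongle_write(&p, 3));
    /* dongle_read_unchecked(&p) here would crash with a NULL dereference. */
    return 0;
}
```

This model is single-threaded; it shows only the missing validation, not any locking between disconnect and the entry points.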

Impact

The vulnerability could lead to a system crash: the NULL pointer dereference causes a kernel Oops.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 2.5
exploitability: 4.0
remediation: 0.0
relevance: 0.0
threat: 3.2
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.