Linux Kernel Thermal NULL Pointer Dereference Vulnerability in int340x ACPI Component

Vulnerability

A vulnerability in the Linux kernel's thermal management for the int340x ACPI component has been addressed. The issue arose because not all devices have an ACPI companion fwnode, which could result in a NULL pointer dereference. The vulnerability was similar to a previously addressed issue in the int3472 component. The fix involved adding a NULL check for the ACPI device and returning an error if the device was not available, preventing a potential NULL pointer dereference during the probe process.

Impact

Exploitation of this vulnerability could lead to a NULL pointer dereference, causing a crash or instability in the system.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Thermal NULL Pointer Dereference Vulnerability in int340x ACPI Component

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating