Linux Kernel NULL Pointer Dereference Vulnerability in ene-kb3930 MFD Driver

Vulnerability

A potential NULL pointer dereference vulnerability has been identified in the Linux kernel's ene-kb3930 multi-function device (MFD) driver. The issue arises because the 'off_gpios' could be NULL, leading to a dereference error. This vulnerability has been addressed by adding a missing check in the 'kb3930_probe()' function. The problem was similar to a previously resolved issue in the 'backlight: hx8357' driver, also related to a potential NULL pointer dereference.

Impact

Exploitation of this vulnerability could lead to a NULL pointer dereference, causing a kernel crash or undefined behavior.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel NULL Pointer Dereference Vulnerability in ene-kb3930 MFD Driver

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating