Linux Kernel NULL Pointer Dereference Vulnerability in MV88E6XXX Driver Unbinding

Vulnerability

A vulnerability in the Linux kernel's MV88E6XXX driver can lead to a NULL pointer dereference when unbinding the driver. This issue occurs in systems using the MV88E6XXX switch driver, particularly on chips that do not support certain devlink regions. The vulnerability arises because the devlink_region_destroy function does not handle NULL pointers gracefully, leading to a system crash.

Impact

Exploitation of this vulnerability causes a system crash due to a NULL pointer dereference.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel NULL Pointer Dereference Vulnerability in MV88E6XXX Driver Unbinding

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating