Linux Kernel NULL Pointer Dereference Vulnerability in ASoC Intel AVS Component Probe

Vulnerability

A NULL pointer dereference vulnerability has been identified in the Linux kernel's ASoC Intel AVS component probe function. The issue arises because the function does not properly check for memory allocation failures. When the devm_kasprintf() function fails to allocate memory, it returns NULL, leading to a dereference of a NULL pointer. This vulnerability has been addressed in the Linux kernel.

Impact

Exploitation of this vulnerability leads to a NULL pointer dereference, causing a crash or unintended behavior in the system.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel NULL Pointer Dereference Vulnerability in ASoC Intel AVS Component Probe

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating