Primary

Context

Linux Kernel x86 Resctrl NULL Pointer Dereference Vulnerability

Vulnerability

A vulnerability in the Linux kernel's x86/resctrl component can lead to a NULL pointer dereference when creating a new control group on platforms without cache occupancy monitors. The issue arises because the logic added in a previous commit to allocate the cleanest CLOSID by searching for the fewest dirty cache lines depends on values from the llc_occupancy counters. On platforms lacking these counters, the array needed for this operation is not properly allocated, causing the NULL pointer dereference.

Impact

Exploitation of this vulnerability leads to a NULL pointer dereference, causing a crash or undefined behavior in the system.

Remediation

The vulnerability has been addressed in the Linux kernel. Users should upgrade to the latest version where this issue has been fixed.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel x86 Resctrl NULL Pointer Dereference Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating