Linux Kernel ACPI CPPC NULL Pointer Dereference Vulnerability

Vulnerability

A vulnerability in the Linux kernel's ACPI CPPC implementation can lead to a NULL pointer dereference. This issue occurs when the 'nosmp' option is used, preventing other CPUs from initializing and leaving their 'cpc_desc_ptr' NULL. As a result, the first CPU's iteration through available CPUs dereferences these NULL pointers, causing a kernel panic.

Impact

Exploitation of this vulnerability leads to a kernel panic, causing the system to become unresponsive and potentially disrupting critical processes.

Added: Jul 3, 2025, 11:12 AM

Updated: Jul 3, 2025, 11:12 AM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel ACPI CPPC NULL Pointer Dereference Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating