Linux Kernel Null Pointer Dereference Vulnerability in mt7996_mmio_wed_init()

Vulnerability

A null pointer dereference vulnerability has been identified in the Linux kernel's mt76 wifi driver, specifically within the mt7996 module. The issue arises in the mt7996_mmio_wed_init() function, which fails to properly check the return value of the devm_ioremap() function. This oversight allows for a null pointer dereference when devm_ioremap() returns NULL on error, leading to potential instability or crashes.

Impact

Exploitation of this vulnerability causes a null pointer dereference, which can lead to a system crash or instability.

Added: Jul 3, 2025, 9:50 AM

Updated: Jul 3, 2025, 9:50 AM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Null Pointer Dereference Vulnerability in mt7996_mmio_wed_init()

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating