Primary

Context

Linux Kernel EDAC Igen6 NULL Pointer Dereference Vulnerability

Vulnerability

A NULL pointer dereference vulnerability has been identified in the Linux kernel's EDAC Igen6 driver. This issue leads to a kernel panic, as the driver attempts to access a disabled memory controller, causing a page fault. The vulnerability arises because the driver checks all memory controllers for errors, including those that are not present, which results in accessing a NULL memory-mapped I/O address.

Impact

Exploitation of this vulnerability causes a kernel panic, disrupting system operations and potentially leading to a denial of service.

Remediation

The vulnerability has been addressed by modifying the driver to accurately reflect the number of detected memory controllers, preventing the NULL pointer dereference. Users should update to the latest version of the Linux kernel where this fix is applied.

Added: Jul 4, 2025, 4:12 PM

Updated: Jul 4, 2025, 4:12 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel EDAC Igen6 NULL Pointer Dereference Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating