Linux Kernel NULL Pointer Dereference Vulnerability in ATM CLIP Component

Vulnerability

A vulnerability in the Linux kernel's ATM CLIP component can lead to a NULL pointer dereference. The issue arises in the 'clip_push()' function, which can crash the kernel if 'clip_devs' is NULL. This vulnerability was introduced because 'vcc_destroy_socket()' calls 'clip_push()' with a NULL socket buffer, allowing the function to attempt to read a NULL reference, causing a crash.

Impact

Exploitation of this vulnerability leads to a kernel crash, causing a denial of service by interrupting normal system operations.

Added: Jul 9, 2025, 11:43 AM

Updated: Jul 9, 2025, 11:43 AM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel NULL Pointer Dereference Vulnerability in ATM CLIP Component

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating