Primary

Context

Linux Kernel Null Pointer Dereference Vulnerability in RTSN Ethernet Driver

Vulnerability

Patched

A null pointer dereference vulnerability has been identified in the Linux kernel's RTSN Ethernet driver. This issue arises in the 'rtsn_probe' function, where the return value of 'rcar_gen4_ptp_alloc' was not properly checked, potentially leading to a null pointer dereference. The vulnerability affects the stable versions of the Linux kernel.

Impact

Exploitation of this vulnerability leads to a null pointer dereference, causing a kernel crash.

Reproduction

The vulnerability can be reproduced by loading the RTSN Ethernet driver without the proper return value check in the 'rtsn_probe' function. This can be done by using a modified version of the driver that omits the null check, allowing a null pointer to be dereferenced.

Remediation

Users can upgrade to the latest stable version of the Linux kernel, where this vulnerability has been addressed.

Added: Sep 1, 2025, 7:22 PM

Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.7

remediation

7.7

relevance

0.3

threat

4.8

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.7

remediation

7.7

relevance

0.3

threat

4.8

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Null Pointer Dereference Vulnerability in RTSN Ethernet Driver

Vulnerability

Impact

Reproduction

Remediation

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating