Linux Kernel ftgmac100 NULL Pointer Dereference Vulnerability

Vulnerability

A vulnerability in the Linux kernel's ftgmac100 Ethernet driver could lead to a NULL pointer dereference. This issue arises because the netdev->phydev pointer is reset to NULL after disconnecting a physical device, which can cause a subsequent unregistration function to receive a NULL argument. The vulnerability has been addressed by caching the phy_device pointer before it is reset, ensuring that the unregistration function is not called with a NULL value.
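The ordering problem described above, as an added example: this is a user-space model written for this page, not the ftgmac100 driver source. The struct layouts and the `model_*` and `teardown_*` functions are hypothetical stand-ins for the disconnect and unregistration steps.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* User-space stand-ins for the kernel structures (hypothetical model). */
struct phy_device { bool registered; };
struct net_device { struct phy_device *phydev; };

/* Models the disconnect step: the netdev's phydev pointer is reset to NULL. */
static void model_phy_disconnect(struct net_device *ndev)
{
    ndev->phydev = NULL;
}

/* Models the unregistration step. It reports a NULL argument by returning
 * false; kernel code without such a check would dereference the pointer. */
static bool model_phy_unregister(struct phy_device *phy)
{
    if (!phy)
        return false;
    phy->registered = false;
    return true;
}

/* Pre-fix ordering: ndev->phydev is re-read after the disconnect cleared it. */
static bool teardown_before_fix(struct net_device *ndev)
{
    model_phy_disconnect(ndev);
    return model_phy_unregister(ndev->phydev); /* argument is NULL here */
}

/* Fixed ordering: cache the pointer first, then pass the cached copy. */
static bool teardown_after_fix(struct net_device *ndev)
{
    struct phy_device *phydev = ndev->phydev;

    model_phy_disconnect(ndev);
    return model_phy_unregister(phydev);
}

/* Returns 1 if unregistration received a valid pointer and cleanup completed. */
int demo(bool fixed)
{
    struct phy_device phy = { .registered = true };
    struct net_device ndev = { .phydev = &phy };
    bool ok = fixed ? teardown_after_fix(&ndev) : teardown_before_fix(&ndev);
    return ok && !phy.registered && ndev.phydev == NULL;
}

int main(void)
{
    printf("before fix: %d, after fix: %d\n", demo(false), demo(true));
    return 0;
}
```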

Impact

Exploitation of this vulnerability could lead to a NULL pointer dereference, causing a crash or undefined behavior in the kernel.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been fixed. Instructions for downloading the patched version are available on the official Linux kernel website.

Added: Sep 4, 2025, 5:25 PM
Updated: Sep 4, 2025, 5:25 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 5.3
remediation: 7.7
relevance: 0.5
threat: 3.2
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.