Primary

Context

Linux Kernel CPSW2G Null Pointer Dereference Vulnerability in AM65 SoCs

Vulnerability

Patched

A null pointer dereference vulnerability has been identified in the Linux kernel's handling of Ethernet transmission completion packets on Texas Instruments (TI) AM65 system-on-chips (SoCs) with a CPSW2G instance. This issue arises in the TX completion stage when the network device (ndev) is accessed without proper initialization, particularly if no TX packets have been processed. The uninitialized access leads to a kernel crash. The vulnerability affects the Linux kernel stable tree.

Impact

Exploitation of this vulnerability causes a kernel crash due to a null pointer dereference.

Remediation

The vulnerability has been addressed in the Linux kernel stable tree. Users can download the patched version from the Linux kernel Git repository.

Added: Sep 19, 2025, 4:45 PM

Updated: Sep 19, 2025, 4:45 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

7.7

relevance

0.5

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

7.7

relevance

0.5

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel CPSW2G Null Pointer Dereference Vulnerability in AM65 SoCs

Vulnerability

Impact

Remediation

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating