Primary

Context

Linux Kernel PCI IRQ Domain NULL Pointer Dereference Vulnerability in rcar-host Controller

Vulnerability

Patched

A vulnerability in the Linux kernel's PCI handling for the rcar-host controller can lead to a NULL pointer dereference. This issue arises because the MSI parent IRQ domain is not properly set, causing a kernel error when the IRQ domain is accessed. The vulnerability was introduced in a recent commit that changed how MSI IRQ domains are managed, and it was not detected during testing on hardware with the affected PCIe controller.

Impact

Exploitation of this vulnerability causes a kernel NULL pointer dereference, leading to a crash of the affected system.

Added: Oct 28, 2025, 12:26 PM

Updated: Oct 28, 2025, 12:26 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

7.7

relevance

0.8

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

7.7

relevance

0.8

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel PCI IRQ Domain NULL Pointer Dereference Vulnerability in rcar-host Controller

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating