Volerion logoVolerion
Volerion logoVolerion

Linux Kernel Devlink Rate Parent Pointer Unset Vulnerability

Vulnerability

A vulnerability in the Linux kernel's devlink rate management can lead to a reference count error. The issue arises because the function responsible for destroying rate nodes does not properly clear the parent pointer of rate objects, leaving a dangling reference. This problem has been observed in the netdevsim and mlx5 components of the kernel.

Impact

Exploitation of this vulnerability causes a reference count error, leading to memory management issues such as memory leaks.

Reproduction

The vulnerability can be reproduced by creating a new device through the netdevsim bus, adding a devlink port function rate, and then setting a parent node for that rate. After removing the device, the dangling pointer issue can be observed as a reference count error in the system logs. This reproduction process can be done manually or through a script that automates the steps.

Remediation

Users should update to the latest version of the Linux kernel where this vulnerability has been addressed.

Added: Dec 4, 2025, 4:39 PM
Updated: Dec 4, 2025, 5:42 PM

Vulnerability Rating

Custom Algorithm
spread
9.0
impact
0.6
exploitability
3.8
remediation
7.7
relevance
1.2
threat
4.8
urgency
2.9
incentive
1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.