Primary

Context

Samsung Exynos Processors NULL Pointer Dereference Vulnerability in NPU Driver

Vulnerability

A NULL pointer dereference vulnerability has been identified in the NPU driver of several Samsung Mobile Processors, including Exynos 1280, 2200, 1380, 1480, 2400, 1580, and 2500. The issue arises in the '__npu_vertex_bootup' function, where a NULL pointer dereference of 'hdev' occurs, potentially leading to a denial-of-service condition.

Impact

Exploitation of this vulnerability causes a NULL pointer dereference, which can lead to a denial-of-service condition by causing the system to crash or become unresponsive.

Added: Nov 4, 2025, 7:33 PM

Updated: Nov 4, 2025, 9:28 PM

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

2.5

exploitability

3.3

remediation

0.0

relevance

0.9

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

2.5

exploitability

3.3

remediation

0.0

relevance

0.9

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Samsung Exynos Processors NULL Pointer Dereference Vulnerability in NPU Driver

Vulnerability

Impact

Affected Products

Samsung Exynos 1280

Samsung Exynos 2200

Samsung Exynos 1380

Samsung Exynos 1480

Samsung Exynos 2400

Samsung Exynos 1580

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating