Volerion logoVolerion
Volerion logoVolerion

Linux Kernel Null Pointer Dereference Vulnerability in Wi-Fi MT76 MT7996 Driver

Vulnerability

A null pointer dereference vulnerability has been identified in the Wi-Fi MT76 MT7996 driver of the Linux kernel. This issue arises when a link lacks an assigned channel, causing the function 'mt7996_vif_link' to return NULL. Despite this, the driver still needs to store updated queue settings and apply them later. The vulnerability affects the Linux kernel stable tree.

Impact

Exploitation of this vulnerability leads to a null pointer dereference, which can cause a denial of service by crashing the kernel or causing the driver to malfunction.

Reproduction

The vulnerability can be reproduced by creating a link in the Wi-Fi MT76 MT7996 driver that does not have an assigned channel. When the driver attempts to update the queue settings for this link, it will encounter a null pointer dereference, causing a crash or malfunction.

Remediation

Users can apply the latest patches available in the Linux kernel stable tree to address this vulnerability.

Added: Dec 24, 2025, 1:51 PM
Updated: Dec 24, 2025, 1:51 PM

Vulnerability Rating

Custom Algorithm
spread
9.0
impact
2.5
exploitability
5.7
remediation
7.7
relevance
1.5
threat
4.8
urgency
2.9
incentive
1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.