Primary

Context

Linux Kernel NULL Pointer Dereference Vulnerability in MOST I2C Driver

Vulnerability

Patched

A vulnerability has been identified in the Linux kernel's MOST I2C driver, which has been non-functional for five years. The issue arises from the driver not updating its interface device pointer before registration, leading to a NULL pointer dereference when the driver is probed. This vulnerability affects the Linux kernel staging area, specifically the MOST I2C driver.

Impact

Exploitation of this vulnerability leads to a NULL pointer dereference, causing a crash or denial of service condition.

Remediation

The vulnerability has been addressed by removing the broken I2C driver from the Linux kernel staging area. Users can apply the latest patches from the Linux kernel stable tree to mitigate this issue.

Added: Jan 5, 2026, 10:33 AM

Updated: Jan 5, 2026, 10:33 AM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

7.7

relevance

1.8

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

7.7

relevance

1.8

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel NULL Pointer Dereference Vulnerability in MOST I2C Driver

Vulnerability

Impact

Remediation

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating