Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*
A NULL pointer dereference vulnerability has been identified in the Linux kernel's handling of Marvell Prestera devlink support. The issue arises in the 'prestera_devlink_alloc' function, which calls 'devlink_priv' on a pointer that may be NULL if 'devlink_alloc' fails to allocate memory. This oversight can lead to a crash when the allocation fails. The vulnerability affects the Linux kernel stable tree.
Exploitation of this vulnerability leads to a NULL pointer dereference, causing a crash.
The vulnerability can be reproduced by invoking the 'prestera_devlink_alloc' function in a scenario where 'devlink_alloc' fails to allocate memory. This can be simulated by modifying the 'devlink_alloc' function to return NULL, which will cause 'prestera_devlink_alloc' to call 'devlink_priv' with a NULL pointer, resulting in a NULL pointer dereference.
The vulnerability has been addressed in the Linux kernel. Users can upgrade to the latest version of the stable Linux kernel to apply the fix.
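The unchecked-allocation pattern described above, next to a version that checks the result, as an added user-space model (not the kernel's or the driver's code). The struct layout, the fail_alloc switch, and the names alloc_unchecked and alloc_checked are assumptions made for illustration, and the NULL check is the assumed shape of a fix, since the page does not show the patch.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* User-space stand-ins (assumed layout, not the kernel's definitions). */
struct devlink {
    long core_state;   /* placeholder for the devlink core fields */
    char priv[];       /* driver-private area follows the core struct */
};
struct prestera_switch { int id; };

static int fail_alloc; /* fault-injection switch for this model only */

static struct devlink *devlink_alloc(size_t priv_size)
{
    if (fail_alloc)
        return NULL;   /* simulated out-of-memory */
    return calloc(1, sizeof(struct devlink) + priv_size);
}

/* Model of devlink_priv(): base address plus the offset of the private
 * area. Integer arithmetic keeps the model itself free of undefined behavior. */
static void *devlink_priv(struct devlink *dl)
{
    return (void *)((uintptr_t)dl + offsetof(struct devlink, priv));
}

/* Pattern from the advisory: the devlink_alloc() result is used unchecked. */
static struct prestera_switch *alloc_unchecked(void)
{
    struct devlink *dl = devlink_alloc(sizeof(struct prestera_switch));
    return devlink_priv(dl);
}

/* Hardened form: fail early so callers see a clean NULL. */
static struct prestera_switch *alloc_checked(void)
{
    struct devlink *dl = devlink_alloc(sizeof(struct prestera_switch));
    if (!dl)
        return NULL;
    return devlink_priv(dl);
}

int main(void)
{
    fail_alloc = 1;    /* pointers are only printed, never dereferenced */
    printf("unchecked: %p\n", (void *)alloc_unchecked());
    printf("checked:   %p\n", (void *)alloc_checked());
    return 0;
}
```

In this model the unchecked variant returns a small non-NULL address on allocation failure, so a caller's own NULL test would not catch it and the first access to the returned structure would fault.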