Linux Kernel Mediatek DRM NULL Pointer Dereference Vulnerability in DSI Driver

Vulnerability

A NULL pointer dereference vulnerability has been identified in the Linux kernel's Mediatek Display Stream Interface (DSI) driver. This issue arises because the driver data is not properly initialized before registering the DSI host, leading to a crash when the DSI encoder is registered. The vulnerability blocks subsequent Direct Rendering Manager (DRM) operations. The issue has been tested on the Xiaomi Smart Clock X04G.

Impact

Exploitation of this vulnerability causes a kernel crash due to a NULL pointer dereference, disrupting the Direct Rendering Manager operations and potentially leading to a denial of service.

Reproduction

The vulnerability can be reproduced by loading the Mediatek DSI driver, which will trigger the NULL pointer dereference. This can be done by registering a DSI device without the necessary driver data initialization, immediately after acquiring the DRM mode configuration mutex.

Remediation

The vulnerability has been addressed in the Linux kernel. Users can upgrade to the latest version to apply the fix.
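
The ordering problem described above, shown as a userspace C model added here for illustration; it is not the kernel driver's code or the upstream patch. All names (`probe_buggy`, `probe_fixed`, `host_register`, `encoder_bind`, `struct dsi_ctx`) are hypothetical, and the model assumes host registration runs the encoder bind callback before it returns. Where the kernel would dereference NULL, the model returns -1 so both orderings can be compared.

```c
#include <stddef.h>
#include <stdio.h>

/* Userspace model: hypothetical stand-ins, not kernel symbols. */
struct device  { void *drvdata; };
struct dsi_ctx { int lanes; };

static void *get_drvdata(const struct device *d) { return d->drvdata; }
static void set_drvdata(struct device *d, void *p) { d->drvdata = p; }

/* Runs when the DSI encoder is registered and expects driver data to exist. */
static int encoder_bind(struct device *dev)
{
    struct dsi_ctx *ctx = get_drvdata(dev);

    if (!ctx)
        return -1;          /* in the kernel: NULL pointer dereference */
    return ctx->lanes;
}

/* Assumption: registering the host triggers the bind callback synchronously. */
static int host_register(struct device *dev) { return encoder_bind(dev); }

/* Buggy ordering: the host is registered before driver data is stored. */
static int probe_buggy(struct device *dev, struct dsi_ctx *ctx)
{
    int ret = host_register(dev);   /* bind sees drvdata == NULL */

    set_drvdata(dev, ctx);          /* stored too late to help */
    return ret;
}

/* Corrected ordering: store driver data first, then register the host. */
static int probe_fixed(struct device *dev, struct dsi_ctx *ctx)
{
    set_drvdata(dev, ctx);
    return host_register(dev);
}

int main(void)
{
    struct dsi_ctx ctx = { .lanes = 4 };    /* constructed sample value */
    struct device a = { NULL }, b = { NULL };

    printf("buggy probe: %d\n", probe_buggy(&a, &ctx));
    printf("fixed probe: %d\n", probe_fixed(&b, &ctx));
    return 0;
}
```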

Added: Apr 24, 2026, 7:45 PM
Updated: Apr 24, 2026, 7:45 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 3.9
remediation: 7.7
relevance: 6.6
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.