Volerion logoVolerion
Volerion logoVolerion

Linux Kernel Apple SMC Mutex Initialization Vulnerability

Vulnerability

A vulnerability in the Linux kernel's Apple System Management Controller (SMC) driver has been addressed. The issue arose because a mutex was used uninitialized, leading to occasional NULL pointer dereferences in the 'apple_smc_read()' function. This problem occurred during the probing of sub-devices. The vulnerability affected the Linux kernel stable tree.

Impact

The vulnerability could cause intermittent NULL pointer dereferences, potentially leading to memory access violations.

Reproduction

The vulnerability can be reproduced by loading the Apple SMC driver on a system with Apple Silicon. The driver will occasionally dereference a NULL pointer in the 'apple_smc_read()' function, due to the mutex not being properly initialized before use.

Remediation

The vulnerability has been fixed by initializing the mutex in the 'apple_smc_probe()' function. Users should upgrade to the latest version of the Linux kernel where this fix is applied.

Added: May 6, 2026, 4:05 PM
Updated: May 6, 2026, 4:05 PM

Vulnerability Rating

Custom Algorithm
spread
9.0
impact
2.5
exploitability
4.3
remediation
7.7
relevance
7.6
threat
4.8
urgency
2.9
incentive
0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.