5.5
CVE-2026-53325
- EPSS 0.12%
- Veröffentlicht 29.06.2026 04:53:35
- Zuletzt bearbeitet 06.07.2026 20:09:56
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
agp/amd64: Fix broken error propagation in agp_amd64_probe()
In the Linux kernel, the following vulnerability has been resolved: agp/amd64: Fix broken error propagation in agp_amd64_probe() A NULL pointer dereference was observed in the AMD64 AGP driver when running in a virtualized environment (e.g. qemu/kvm) without a physical AMD northbridge. The crash occurs in amd64_fetch_size() when attempting to dereference the pointer returned by node_to_amd_nb(0). The root cause of this crash is broken error propagation in agp_amd64_probe(): When no AMD northbridges are found, cache_nbs() correctly returns -ENODEV. However, the probe function erroneously checks the return value against exactly -1, rather than < 0. As a result, the hardware absence error is masked, allowing the driver to improperly proceed with initialization. It eventually calls agp_add_bridge(), which invokes amd64_fetch_size(). Since the hardware does not exist, node_to_amd_nb(0) returns NULL, leading to a General Protection Fault (GPF) when accessing its ->misc member. Fix the issue by correcting the error check in agp_amd64_probe() to abort properly when cache_nbs() returns any negative error code. This prevents the driver from erroneously proceeding without hardware, thereby avoiding the subsequent NULL pointer dereference at its source.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 2.6.18 < 5.10.260
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.211
Linux ≫ Linux Kernel Version >= 5.16 < 6.1.177
Linux ≫ Linux Kernel Version >= 6.2 < 6.6.144
Linux ≫ Linux Kernel Version >= 6.7 < 6.12.95
Linux ≫ Linux Kernel Version >= 6.13 < 6.18.37
Linux ≫ Linux Kernel Version >= 6.19 < 7.0.14
Linux ≫ Linux Kernel Version >= 7.1 < 7.1.2
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.12% | 0.023 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-476 NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.
https://git.kernel.org/stable/c/53483a9f4ee9eeb18aa866ec16cce79e136987e1
https://git.kernel.org/stable/c/0aa9b27c454c53074cde592eaceb442d30341585
https://git.kernel.org/stable/c/cefe535a60a2e00e09f4b2689b0c8ffc6912459a
https://git.kernel.org/stable/c/b08472db93b1ccff84a7adec5779d47f0e9d3a30
https://git.kernel.org/stable/c/1d7d45050e14083c1de1460c93f4063c1f0bca7b
https://git.kernel.org/stable/c/3e844a63668d1c3d10a9d347d7ebf161b2f91c84
https://git.kernel.org/stable/c/564b3b3f6565313eb6fa5355ffd037d6fb27897f
https://git.kernel.org/stable/c/ce800993af477fc24187349c6a20d3073140b759
https://git.kernel.org/stable/c/eb045714bc6a2bbb0befb7a31b996a196e188869