Description
In the Linux kernel, the following vulnerability has been resolved:

drm/panthor: Fix NULL pointer dereference on panthor_fw_unplug

This patch removes the MCU halt and wait for halt procedures during
panthor_fw_unplug() as the MCU can be in a variety of states or the FW
may not even be loaded/initialized at all, the latter of which can lead
to a NULL pointer dereference.

It should be safe on unplug to just disable the MCU without waiting for
it to halt as it may not be able to.
Published: 2026-05-27
Score: n/a
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A null pointer dereference occurs in the Panthor DRM driver during the panthor_fw_unplug() routine when the firmware is not loaded or the MCU is in an arbitrary state. This flaw causes the kernel to crash, which results in a loss of system availability. The weakness is classified as CWE-824.

Affected Systems

The vulnerability is present in the Linux kernel’s DRM Panthor subsystem. Any distribution kernel that includes the Panthor driver is potentially affected until the patch that removes the erroneous null dereference is applied.

Risk and Exploitability

The EPSS score is less than 1 %, indicating a very low probability of exploitation. The vulnerability is not listed in the CISA KEV catalog, suggesting that no publicly known exploits are available. The likely attack vector is local: an attacker must trigger a device unplug event or otherwise force the driver to execute panthor_fw_unplug() while the firmware state is uninitialized. Exploitation would lead to a kernel panic, but it does not provide elevated code execution beyond causing a denial of service.

Generated by OpenCVE AI on May 29, 2026 at 03:51 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply a kernel update that includes commit 920c6af98e, which eliminates the null pointer dereference in panthor_fw_unplug().
  • Reboot the system after the update so that the patched driver and any firmware are properly initialized.
  • If a kernel update cannot be applied immediately, disable hotplug for Panthor devices and avoid unplugging them while the system is running until the patch is installed.

Generated by OpenCVE AI on May 29, 2026 at 03:51 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 29 May 2026 02:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-476

Fri, 29 May 2026 00:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-824
References

Wed, 27 May 2026 16:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-476

Wed, 27 May 2026 14:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix NULL pointer dereference on panthor_fw_unplug This patch removes the MCU halt and wait for halt procedures during panthor_fw_unplug() as the MCU can be in a variety of states or the FW may not even be loaded/initialized at all, the latter of which can lead to a NULL pointer dereference. It should be safe on unplug to just disable the MCU without waiting for it to halt as it may not be able to.
Title drm/panthor: Fix NULL pointer dereference on panthor_fw_unplug
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-05-27T12:14:59.693Z

Reserved: 2026-05-08T13:14:33.088Z

Link: CVE-2025-71307

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-05-27T14:16:43.283

Modified: 2026-05-27T14:48:31.480

Link: CVE-2025-71307

cve-icon Redhat

Severity :

Publid Date: 2026-05-27T00:00:00Z

Links: CVE-2025-71307 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-05-29T04:00:13Z

Weaknesses
  • CWE-824

    Access of Uninitialized Pointer