A bug in the Linux kernel’s AMD XDNA acceleration module causes a potential NULL pointer dereference when the error cleanup routine is invoked for a context whose mailbox channel failed to be created. If the context cleanup routine assumes that the mailbox channel pointer is always non‑NULL, the failure of the pointer creation leads to a kernel dereference that can crash the system. The impact of this flaw is a system crash and denial of service. The issue is a classic case of a NULL pointer dereference (CWE‑476) and would be exploitable only in scenarios where attacker‑controlled code or configurations can trigger a failed context creation inside the kernel.

The flaw resides in the Linux kernel, specifically the accel/amdxdna subsystem. Any system running a kernel that includes the unpatched accel/amdxdna code is affected; the CNA vendors list simply references the Linux operating system. No precise version range is supplied in the CVE record, but the fix is present in the kernel commits referenced in the advisory (sha‑s 2611c9616cb5… and 97f27573837e…).

The CVSS, EPSS, and KEV metrics are not published for this vulnerability, so the severity cannot be quantified from the available data. The likely attack vector is local; an attacker with the ability to invoke the AMD XDNA context creation path inside the kernel (for example, a privileged application or a driver that loads the accel module) could trigger the faulty error handling. Because the flaw results in a NULL pointer dereference during kernel cleanup, the most immediate risk is a kernel panic that disrupts availability. Without a publicly detailed exploit, the attack is considered targeted against systems using the affected kernel module.