Description
In the Linux kernel, the following vulnerability has been resolved:

interconnect: qcom: sm8450: Fix NULL pointer dereference in icc_link_nodes()

The change to dynamic IDs for SM8450 platform interconnects left two links
unconverted, fix it to avoid the NULL pointer dereference in runtime,
when a pointer to a destination interconnect is not valid:

Unable to handle kernel NULL pointer dereference at virtual address 0000000000000008
<...>
Call trace:
icc_link_nodes+0x3c/0x100 (P)
qcom_icc_rpmh_probe+0x1b4/0x528
platform_probe+0x64/0xc0
really_probe+0xc4/0x2a8
__driver_probe_device+0x80/0x140
driver_probe_device+0x48/0x170
__device_attach_driver+0xc0/0x148
bus_for_each_drv+0x88/0xf0
__device_attach+0xb0/0x1c0
device_initial_probe+0x58/0x68
bus_probe_device+0x40/0xb8
deferred_probe_work_func+0x90/0xd0
process_one_work+0x15c/0x3c0
worker_thread+0x2e8/0x400
kthread+0x150/0x208
ret_from_fork+0x10/0x20
Code: 900310f4 911d6294 91008280 94176078 (f94002a0)
---[ end trace 0000000000000000 ]---
Kernel panic - not syncing: Oops: Fatal exception
Published: 2026-05-08
Score: n/a
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The Linux kernel contains a NULL pointer dereference in the function icc_link_nodes for the Qualcomm SM8450 interconnect. During platform probe, an invalid destination pointer causes a kernel Oops, which results in a panic and may restart the system. The flaw is a classic null dereference vulnerability that can interrupt normal operation without providing confidentiality or integrity gains.

Affected Systems

Affected systems are any Linux kernel installations that include the Qualcomm SM8450 interconnect driver and have not applied the recent patch. This includes kernel builds for devices using the SM8450 platform where dynamic IDs for interconnects were updated but left two links unconverted. No specific kernel version was listed, so all kernels prior to the commit that addressed this issue are potentially vulnerable.

Risk and Exploitability

Exploitability metrics are not available; the flaw was not listed in CISA KEV and no EPSS score is published. The attack likely requires privileged access to the kernel such as device driver loading or manipulation of the interconnect configuration, making it a local privilege escalation scenario. Once executed, the kernel crash signifies high severity but the lack of publicly documented exploitation reduces immediate risk. Nonetheless, any kernel that can load the affected driver must be considered vulnerable until patched.

Generated by OpenCVE AI on May 8, 2026 at 18:32 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the upstream kernel patch that fixes the NULL pointer dereference in interconnect, as referenced by commit 77d22bf3... and dbbd550d7c...
  • Upgrade to a latest kernel version that includes this fix; if running an older kernel, rebuild the kernel with the patched source.
  • As a temporary measure, disable or remove the dynamic ID assignment for SM8450 interconnects or prevent the driver from probing the problematic links, keeping in mind that this may limit interconnect functionality.

Generated by OpenCVE AI on May 8, 2026 at 18:32 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 08 May 2026 19:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-476

Fri, 08 May 2026 14:00:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: interconnect: qcom: sm8450: Fix NULL pointer dereference in icc_link_nodes() The change to dynamic IDs for SM8450 platform interconnects left two links unconverted, fix it to avoid the NULL pointer dereference in runtime, when a pointer to a destination interconnect is not valid: Unable to handle kernel NULL pointer dereference at virtual address 0000000000000008 <...> Call trace: icc_link_nodes+0x3c/0x100 (P) qcom_icc_rpmh_probe+0x1b4/0x528 platform_probe+0x64/0xc0 really_probe+0xc4/0x2a8 __driver_probe_device+0x80/0x140 driver_probe_device+0x48/0x170 __device_attach_driver+0xc0/0x148 bus_for_each_drv+0x88/0xf0 __device_attach+0xb0/0x1c0 device_initial_probe+0x58/0x68 bus_probe_device+0x40/0xb8 deferred_probe_work_func+0x90/0xd0 process_one_work+0x15c/0x3c0 worker_thread+0x2e8/0x400 kthread+0x150/0x208 ret_from_fork+0x10/0x20 Code: 900310f4 911d6294 91008280 94176078 (f94002a0) ---[ end trace 0000000000000000 ]--- Kernel panic - not syncing: Oops: Fatal exception
Title interconnect: qcom: sm8450: Fix NULL pointer dereference in icc_link_nodes()
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-05-08T13:31:21.623Z

Reserved: 2026-05-01T14:12:56.002Z

Link: CVE-2026-43335

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2026-05-08T14:16:43.263

Modified: 2026-05-08T14:16:43.263

Link: CVE-2026-43335

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-08T21:45:18Z

Weaknesses