Description
In the Linux kernel, the following vulnerability has been resolved:

drm/amd/ras: Fix NULL deref in ras_core_get_utc_second_timestamp()

ras_core_get_utc_second_timestamp() retrieves the current UTC timestamp
(in seconds since the Unix epoch) through a platform-specific RAS system
callback and is used for timestamping RAS error events.

The function checks ras_core in the conditional statement before calling
the sys_fn callback. However, when the condition fails, the function
prints an error message using ras_core->dev.

If ras_core is NULL, this can lead to a potential NULL pointer
dereference when accessing ras_core->dev.

Add an early NULL check for ras_core at the beginning of the function
and return 0 when the pointer is not valid. This prevents the
dereference and makes the control flow clearer.
Published: 2026-06-26
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The kernel function ras_core_get_utc_second_timestamp() incorrectly accesses ras_core->dev when the preceding condition fails, allowing a NULL pointer dereference if ras_core is null. This flaw can cause the kernel to crash, resulting in a denial‑of‑service condition for the system. This is a NULL pointer dereference. The vulnerability originates from a lack of an early NULL check and was addressed by inserting such a check and returning zero when ras_core is invalid. The flaw appears to be exploitable only when the function is invoked in kernel context, such as during RAS error event handling, so an attacker would need local or kernel‑level privileges to trigger it. The likely attack vector is an internal kernel call chain rather than an external network interface.

Affected Systems

Linux kernel implementations produced by the Linux Foundation. Specific version ranges affected are not listed in the CVE data; the flaw exists in kernel code prior to the patch commit referenced in the provided Git links.

Risk and Exploitability

The CVSS score is 5.5, the EPSS score is < 1%, and the vulnerability is not listed in CISA KEV. Because the vulnerability requires triggering a kernel function that may be exercised during normal RAS operations, it is considered a local privilege or kernel breach risk, leading to a crash and denial of service. Exploitation would likely be limited to a system where the attacker already has the capability to cause the function to run with a NULL ras_core pointer, such as by tampering with device state or making specific kernel calls.

Generated by OpenCVE AI on June 30, 2026 at 03:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the Linux kernel to the latest patched release that includes the early NULL check in ras_core_get_utc_second_timestamp().
  • If an immediate upgrade is infeasible, backport the specific commit that implements the fix to your kernel source tree.
  • Apply general kernel hardening measures, such as enabling SELinux or AppArmor confinement, enforcing kernel lockdown, and keeping system patches up to date.

Generated by OpenCVE AI on June 30, 2026 at 03:20 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 30 Jun 2026 03:45:00 +0000

Type Values Removed Values Added
Weaknesses CWE-476

Tue, 30 Jun 2026 02:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-476

Tue, 30 Jun 2026 00:45:00 +0000

Type Values Removed Values Added
References
Metrics threat_severity

None

cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

threat_severity

Low


Fri, 26 Jun 2026 22:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-476

Fri, 26 Jun 2026 20:15:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: drm/amd/ras: Fix NULL deref in ras_core_get_utc_second_timestamp() ras_core_get_utc_second_timestamp() retrieves the current UTC timestamp (in seconds since the Unix epoch) through a platform-specific RAS system callback and is used for timestamping RAS error events. The function checks ras_core in the conditional statement before calling the sys_fn callback. However, when the condition fails, the function prints an error message using ras_core->dev. If ras_core is NULL, this can lead to a potential NULL pointer dereference when accessing ras_core->dev. Add an early NULL check for ras_core at the beginning of the function and return 0 when the pointer is not valid. This prevents the dereference and makes the control flow clearer.
Title drm/amd/ras: Fix NULL deref in ras_core_get_utc_second_timestamp()
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
References

Subscriptions

Linux Linux Kernel
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-06-26T19:41:08.184Z

Reserved: 2026-06-09T07:44:35.397Z

Link: CVE-2026-53315

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

Severity : Low

Publid Date: 2026-06-26T00:00:00Z

Links: CVE-2026-53315 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-06-30T03:30:05Z

Weaknesses