Impact
The bug arises when the Qualcomm NGD driver registers callbacks before fully initializing the NGD device. This timing issue results in work being queued with a NULL pointer, causing kernel warnings and a crash. Successful exploitation would force a system reboot or make the affected board unbootable, compromising availability. The weakness aligns with improper initialization and null pointer usage.
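The ordering problem described above, modeled in user-space C as an added example (not the kernel driver's code; every struct and function name is hypothetical, and the "init first" ordering is an assumed shape of a fix):

```c
/* Constructed user-space model of the probe-ordering bug; every name here
 * is hypothetical and none of this is the qcom-ngd-ctrl driver's code. */
#include <stdio.h>

struct work { int runs; };
struct ngd_model { struct work *up_work; };   /* NULL until initialized */

typedef int (*notify_cb)(struct ngd_model *);
static notify_cb registered_cb;
static struct ngd_model *registered_ctx;

/* Stand-in for queueing work: the kernel warns and crashes on NULL; the model returns -1. */
static int queue_work_model(struct work *w) {
    if (w == NULL) return -1;
    w->runs++;
    return 0;
}

/* Callback run when the remote processor comes up or an interrupt fires. */
static int event_cb(struct ngd_model *c) { return queue_work_model(c->up_work); }

static void register_cb(notify_cb cb, struct ngd_model *c) { registered_cb = cb; registered_ctx = c; }

/* An event may arrive at any moment once a callback is registered. */
static int fire_event(void) { return registered_cb ? registered_cb(registered_ctx) : 0; }

/* Ordering from the bug description: register first, initialize later. */
int probe_register_first(struct ngd_model *c, struct work *w) {
    c->up_work = NULL;
    register_cb(event_cb, c);
    int rc = fire_event();          /* event lands inside the window */
    c->up_work = w;                 /* initialization arrives too late */
    return rc;
}

/* Safe ordering (assumed shape of a fix): initialize, then register. */
int probe_init_first(struct ngd_model *c, struct work *w) {
    c->up_work = w;
    register_cb(event_cb, c);
    return fire_event();
}

int main(void) {
    struct ngd_model a, b; struct work wa = {0}, wb = {0};
    printf("register-first: %d\n", probe_register_first(&a, &wa));
    printf("init-first:     %d\n", probe_init_first(&b, &wb));
    return 0;
}
```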
Affected Systems
The vulnerability affects the Linux kernel’s slimbus and qcom-ngd-ctrl components, which are used on Qualcomm-based boards that support slimbus communication. Versions of the kernel that include the unmodified slimbus/NGD driver code are susceptible; no specific version range is listed, so all releases prior to the patch commit are potentially impacted.
Risk and Exploitability
No CVSS score is provided and no EPSS score is available; the lack of a KEV listing suggests that no actively exploited instances are known. The flaw is local to the device driver and requires the NGD driver to be probed while a remote processor is active or an interrupt occurs, which is plausible in real deployments. The main consequence is a kernel panic leading to a denial of service. Given that the code path involves uninitialized pointers, the attack vector is likely to be a privilege escalation or service interruption within the device’s operating system.