SB20250422100 - NULL pointer dereference in Linux kernel gpib agilent_82357a driver
Published: April 22, 2025 Updated: May 10, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) NULL pointer dereference (CVE-ID: CVE-2025-22051)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the agilent_82357a_read(), agilent_82357a_generic_write(), agilent_82357a_take_control_internal(), agilent_82357a_take_control(), agilent_82357a_go_to_standby(), agilent_82357a_request_system_control(), agilent_82357a_interface_clear(), agilent_82357a_enable_eos(), agilent_82357a_disable_eos(), agilent_82357a_primary_address(), agilent_82357a_secondary_address(), agilent_82357a_return_to_local() and nanosec_to_fast_talker_bits() functions in drivers/staging/gpib/agilent_82357a/agilent_82357a.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.