Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
AV:L because hardware-local access is required; PR:L for minimum user session; A:H for kernel panic; C:N and I:N as no data exposure or modification occurs.
Primary rating from NVD.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
5DescriptionNVD
In the Linux kernel, the following vulnerability has been resolved:
reset: amlogic: t7: Fix null reset ops
Fix missing reset ops causing kernel null pointer dereference. This SOC's reset is currently not used yet.
AnalysisAI
Null pointer dereference in the Amlogic T7 SoC reset driver crashes the Linux kernel when uninitialized reset operation callbacks are invoked, causing a full system denial of service. Local low-privilege users on systems physically equipped with an Amlogic T7 SoC are affected across kernel versions from the introduction commit through the patched releases 6.18.33, 7.0.10, and 7.1. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires: (1) the target system must use Amlogic T7 SoC hardware - no other platform is affected; (2) the attacker must have local access with at least low-privilege credentials (PR:L per CVSS vector); (3) a kernel code path that invokes the T7 reset driver's ops must be triggered, which the upstream maintainer notes is not yet exercised in current usage. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 3.1 vector AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H correctly reflects a local, low-privilege, availability-only impact with no confidentiality or integrity consequence - a kernel crash rather than a security compromise. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | A local user with a standard shell session on an embedded or set-top device powered by an Amlogic T7 SoC triggers a kernel code path that invokes the T7 reset controller, dereferencing the uninitialized NULL reset_ops pointer and inducing an immediate kernel panic. The system crashes and becomes unavailable until rebooted, constituting a denial of service. … |
| Remediation | Upgrade to a patched kernel version: 6.18.33 or later in the 6.18.x series, 7.0.10 or later in the 7.0.x series, or kernel 7.1 or later for mainline. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
Same weakness CWE-476 – NULL Pointer Dereference
View allSame technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-39836
GHSA-5gv9-wqv9-xfxq