NULL Pointer Dereference Affecting kernel-uek-debug package, versions <0:6.12.0-101.33.4.3.el9uek
Threat Intelligence
The probability is the direct output of the EPSS model, and conveys an overall sense of the threat of exploitation in the wild. The percentile measures the EPSS probability relative to all known EPSS scores. Note: This data is updated daily, relying on the latest available EPSS model version. Check out the EPSS documentation for more details.
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsSnyk Learn
Learn about NULL Pointer Dereference vulnerabilities in an interactive lesson.
Start learning- Snyk IDSNYK-ORACLE9-KERNELUEKDEBUG-10780800
- published18 Jul 2025
- disclosed27 Dec 2024
Introduced: 27 Dec 2024
CVE-2024-53235 (opens in a new tab)How to fix?
Upgrade Oracle:9 kernel-uek-debug to version 0:6.12.0-101.33.4.3.el9uek or higher.
This issue was patched in ELSA-2025-20480.
NVD Description
Note: Versions mentioned in the description apply only to the upstream kernel-uek-debug package and not the kernel-uek-debug package as distributed by Oracle.
See How to fix? for Oracle:9 relevant fixed versions and status.
In the Linux kernel, the following vulnerability has been resolved:
erofs: fix file-backed mounts over FUSE
syzbot reported a null-ptr-deref in fuse_read_args_fill: fuse_read_folio+0xb0/0x100 fs/fuse/file.c:905 filemap_read_folio+0xc6/0x2a0 mm/filemap.c:2367 do_read_cache_folio+0x263/0x5c0 mm/filemap.c:3825 read_mapping_folio include/linux/pagemap.h:1011 [inline] erofs_bread+0x34d/0x7e0 fs/erofs/data.c:41 erofs_read_superblock fs/erofs/super.c:281 [inline] erofs_fc_fill_super+0x2b9/0x2500 fs/erofs/super.c:625
Unlike most filesystems, some network filesystems and FUSE need
unavoidable valid file pointers for their read I/Os [1].
Anyway, those use cases need to be supported too.