Linux Kernel ath11k PCI Suspend Crash Vulnerability

A vulnerability in the Linux kernel's ath11k PCI driver can lead to a system crash during the suspend process if a required board file is missing. This issue arises because the driver initialization occurs asynchronously, allowing the suspend handler to activate before the driver is fully ready, particularly when the board file is not found. The crash is caused by a page fault error, indicating a supervisor read access issue in kernel mode, related to the improper handling of the driver's suspend routine.

Impact

The vulnerability causes a kernel crash during the system suspend process, leading to a denial of service.

Reproduction

The vulnerability can be reproduced by suspending a system that uses the ath11k PCI driver, while the driver is not properly initialized due to a missing board file. This can be tested on hardware that uses the WCN6855 chipset, with the specific software version mentioned in the vulnerability description.

Remediation

Users can ensure that the ath11k driver is properly initialized before suspending the system, possibly by verifying the presence of the required board file.