Linux Kernel wl1251 DMA Vulnerability Leading to Kernel Panic

A vulnerability in the Linux kernel's handling of the wl1251 wireless driver can cause a kernel panic, rendering the driver unusable on devices like the OpenPandora. This issue arises because the driver improperly uses stack parameters for Direct Memory Access (DMA) after the introduction of vmap'ed stacks, which no longer allow such usage. The problem occurs in several places when the wl1251 driver is accessed through Secure Digital Input Output (SDIO). The vulnerability has been addressed by reallocating temporary buffers or using the wl1251_read32() function.

Impact

Exploitation of this vulnerability leads to a kernel panic, causing a denial of service by crashing the system.

Reproduction

The vulnerability can be reproduced on a device running the affected version of the Linux kernel, such as v5.18-rc5, by using the wl1251 driver through the SDIO interface. This will trigger the improper DMA handling, causing a kernel panic.

Remediation

The vulnerability has been addressed in the official Linux kernel repository. Users should upgrade to a version that includes the patch.