Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*
A denial-of-service vulnerability has been identified in the Linux kernel's I2C Max9286 module. When the Max9286 module is removed, it triggers a kernel oops due to an invalid memory access. This issue arises because the I2C client data no longer points to the correct private data but instead refers to a video4linux2 subdevice, leading to a level 0 translation fault. The vulnerability affects Linux kernel version 5.15.5 and was introduced by a change in the Max9286 module's initialization process.
The vulnerability causes a kernel oops, which is an internal error indicating a problem that the kernel could not handle, potentially leading to a system crash or instability.
To reproduce this vulnerability, load the Max9286 I2C driver module and then remove it using the 'rmmod' command. The removal process will cause a kernel oops due to a paging request error, indicating that the module's client data was not properly managed during initialization.
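The pointer mix-up described above, shown as a user-space C model that is added here for illustration and is not the kernel driver's code. The struct definitions, `max9286_model`, `model_probe` and the `lookup_*` helpers are hypothetical stand-ins, and the probe ordering is an assumption based on the description.

```c
#include <stddef.h>
#include <stdio.h>

/* Simplified user-space stand-ins for the kernel types (assumed, for illustration). */
struct i2c_client  { void *clientdata; };
struct v4l2_subdev { int dummy; };

/* Hypothetical model of the driver's private state; the subdev is embedded. */
struct max9286_model {
    struct i2c_client *client;
    struct v4l2_subdev sd;
};

#define container_of(ptr, type, member) \
    ((type *)((char *)(ptr) - offsetof(type, member)))

static void i2c_set_clientdata(struct i2c_client *c, void *d) { c->clientdata = d; }
static void *i2c_get_clientdata(struct i2c_client *c) { return c->clientdata; }
/* Like the kernel helper of this name, stores the subdev pointer as clientdata. */
static void v4l2_i2c_subdev_init(struct v4l2_subdev *sd, struct i2c_client *c) { i2c_set_clientdata(c, sd); }

static void model_probe(struct max9286_model *priv, struct i2c_client *c)
{
    priv->client = c;
    i2c_set_clientdata(c, priv);         /* private data stored first ... */
    v4l2_i2c_subdev_init(&priv->sd, c);  /* ... then replaced by &priv->sd */
}

/* Remove-path lookup that still assumes clientdata is the private struct. */
static struct max9286_model *lookup_buggy(struct i2c_client *c)
{
    return (struct max9286_model *)i2c_get_clientdata(c);
}

/* Lookup that treats clientdata as the subdev and walks back to its container. */
static struct max9286_model *lookup_fixed(struct i2c_client *c)
{
    struct v4l2_subdev *sd = i2c_get_clientdata(c);
    return container_of(sd, struct max9286_model, sd);
}

int main(void)
{
    struct i2c_client c = {0};
    struct max9286_model priv = {0};
    model_probe(&priv, &c);
    printf("buggy=%d fixed=%d\n", lookup_buggy(&c) == &priv, lookup_fixed(&c) == &priv);
    return 0;
}
```

In the kernel, dereferencing fields through the mis-typed pointer on the remove path is what produces the invalid access; in this model the two lookups simply return different addresses.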