Linux Kernel AFS Dynamic Root NULL Pointer Dereference Vulnerability

Vulnerability

A vulnerability in the Linux kernel's AFS (Andrew File System) implementation can lead to a NULL pointer dereference. This issue arises in dynamic root-type AFS superblocks, where pseudo-inodes lack a volume or server reference. The vulnerability occurs when the 'afs_getattr' function is called on such a directory, leading to a kernel crash. The problem can be reproduced by listing directories in the AFS file system, which triggers the NULL pointer dereference error.

Impact

Exploitation of this vulnerability causes a kernel crash due to a NULL pointer dereference.

Reproduction

The vulnerability can be reproduced by accessing a directory in the AFS file system, such as by using the 'ls /afs' command. This action triggers the 'afs_getattr' function, which fails when it encounters a pseudo-inode without a valid volume or server reference, leading to a NULL pointer dereference and a kernel crash.
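The failure described above, shown as an added userspace model of the unguarded lookup next to a guarded one. This is not the kernel's afs_getattr code or its actual fix. All struct, field and function names are hypothetical, and the staleness counter used as the reason for consulting the volume is an assumption made for illustration.

```c
/* Userspace model only; every name here is hypothetical, not kernel code. */
#include <errno.h>
#include <stddef.h>
#include <stdio.h>

struct model_volume { unsigned cb_break; };   /* stands in for the volume/server reference */
struct model_stat { unsigned mode; unsigned long long size; };

struct model_vnode {
    struct model_volume *volume;  /* NULL for dynamic-root pseudo-inodes */
    int pseudo;                   /* 1 = pseudo-inode of a dynamic root */
    unsigned cb_break_seen;       /* assumed staleness counter last validated */
    unsigned mode;
    unsigned long long size;
};

/* Unguarded: always consults the volume, so a pseudo-inode crashes here. */
int model_getattr_unguarded(struct model_vnode *v, struct model_stat *st)
{
    if (v->cb_break_seen != v->volume->cb_break)  /* NULL deref if v->volume is NULL */
        return -ESTALE;
    st->mode = v->mode;
    st->size = v->size;
    return 0;
}

/* Guarded: pseudo-inodes are answered from local data; a missing volume is an error. */
int model_getattr_guarded(struct model_vnode *v, struct model_stat *st)
{
    if (!v || !st)
        return -EINVAL;
    if (!v->pseudo) {
        if (!v->volume)
            return -EIO;          /* inconsistent vnode: fail instead of crashing */
        if (v->cb_break_seen != v->volume->cb_break)
            return -ESTALE;
    }
    st->mode = v->mode;
    st->size = v->size;
    return 0;
}

int main(void)
{
    struct model_vnode dynroot_dir = { NULL, 1, 0, 040555, 0 };  /* constructed sample */
    struct model_stat st;
    int rc = model_getattr_guarded(&dynroot_dir, &st);
    printf("guarded getattr on pseudo-inode: rc=%d mode=%o\n", rc, st.mode);
    return rc ? 1 : 0;
}
```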

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 2.5
exploitability: 5.7
remediation: 0.0
relevance: 0.0
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.