Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*
A NULL pointer dereference vulnerability has been identified in the Linux kernel's NTFS3 filesystem module. This issue arises when the 'ntfs_fill_super()' function is not called, leaving the 'sbi->sb' pointer NULL. The vulnerability can be triggered by passing an incorrect mount parameter, leading to a general protection fault and a null pointer dereference error. The flaw was exposed during the execution of a syzkaller fuzzing test.
Exploitation of this vulnerability causes a general protection fault due to a NULL pointer dereference, which can lead to a crash of the kernel or the affected process.
The vulnerability can be reproduced by mounting an NTFS3 filesystem with an invalid parameter that causes 'ntfs_fill_super()' not to be called. This can be done using the 'mount' command with the 'iochvrset' parameter, which is not recognized, leading to the NULL pointer dereference.
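The failure pattern described above, as an added user-space C model (not kernel code and not the project's fix): an unrecognized option aborts the mount before the fill-super step, so the 'sb' pointer stays NULL when cleanup runs. All struct and function names, the option table, and the assumption that the dereference sits in a cleanup path that runs on both success and failure are hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* User-space model only; every name is a hypothetical stand-in,
 * not the kernel's NTFS3 code. */
struct super_block { int blocksize; };
struct sb_info { struct super_block *sb; };   /* set only by fill_super() */

/* Constructed option table for the model. */
static const char *const known_opts[] = { "uid", "gid", "umask" };

/* Returns 0 for a recognised option, -1 otherwise (mount is aborted). */
static int parse_param(const char *key)
{
    for (size_t i = 0; i < sizeof known_opts / sizeof *known_opts; i++)
        if (strcmp(key, known_opts[i]) == 0)
            return 0;
    return -1;
}

/* Stands in for ntfs_fill_super(): the only place sbi->sb is assigned. */
static void fill_super(struct sb_info *sbi, struct super_block *sb)
{
    sb->blocksize = 4096;
    sbi->sb = sb;
}

/* Cleanup runs on success and on failure. Reading sbi->sb->blocksize
 * without this NULL check faults when fill_super() never ran. */
static int cleanup_blocksize(const struct sb_info *sbi)
{
    return sbi->sb ? sbi->sb->blocksize : 0;
}

/* One mount attempt: reports whether fill_super() ran and what cleanup saw. */
int mount_attempt(const char *opt, int *fill_super_ran)
{
    struct super_block sb = { 0 };
    struct sb_info sbi = { .sb = NULL };
    *fill_super_ran = (parse_param(opt) == 0);
    if (*fill_super_ran)
        fill_super(&sbi, &sb);
    return cleanup_blocksize(&sbi);
}

int main(void)
{
    int ran, seen = mount_attempt("iochvrset", &ran);
    printf("fill_super ran=%d, cleanup saw %d\n", ran, seen);
}
```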