Linux Kernel NULL Pointer Dereference Vulnerability in AMD GPU Driver

Vulnerability

A NULL pointer dereference vulnerability has been identified in the Linux kernel's AMD GPU driver, specifically within the amdkfd component. This issue arises in several stable kernel versions and is related to improper error handling in the 'kfd_process_device_init_vm' function. The vulnerability can be exploited when the 'kfd_process_device_destroy_cwsr_dgpu' or 'kfd_process_device_destroy_ib_mem' functions are called, leading to a kernel crash.

Impact

Exploitation of this vulnerability causes a kernel crash due to a NULL pointer dereference, disrupting system operations and potentially leading to a denial of service.

Reproduction

The vulnerability can be reproduced by creating a process that initializes a virtual memory space using the 'kfd_process_device_init_vm' function. If this process is then terminated or cleaned up improperly, the 'kfd_process_device_destroy_cwsr_dgpu' or 'kfd_process_device_destroy_ib_mem' functions can be invoked, causing a NULL pointer dereference in the kernel.

Remediation

Users can upgrade to the latest stable version of the Linux kernel, where this vulnerability has been addressed. Instructions for downloading the latest kernel version can be found on the official Linux kernel website.
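To check whether a host has already hit this crash, the kernel log can be searched for NULL pointer dereference oopses whose RIP or call trace names one of the two functions above. The following is an added example, not code from the advisory or the kernel project; the sample log lines are constructed, and the second sample oops is a made-up unrelated driver included to show it is not flagged.

```python
import re
import sys

# Function names as given in the advisory text.
KFD_FUNCS = ("kfd_process_device_destroy_cwsr_dgpu",
             "kfd_process_device_destroy_ib_mem")
OOPS_START = re.compile(r"BUG: kernel NULL pointer dereference, address: (\S+)")
OOPS_END = re.compile(r"---\[ end trace")
SYMBOL = re.compile(r"\b(" + "|".join(KFD_FUNCS) + r")\+0x[0-9a-f]+/0x[0-9a-f]+")

# Constructed sample kernel log (not taken from a real system).
SAMPLE_LOG = """\
[  812.104511] BUG: kernel NULL pointer dereference, address: 0000000000000010
[  812.104530] #PF: supervisor read access in kernel mode
[  812.104561] RIP: 0010:kfd_process_device_destroy_ib_mem+0x1c/0x50 [amdgpu]
[  812.104702] Call Trace:
[  812.104731]  process_one_work+0x21a/0x3f0
[  812.104790] ---[ end trace 0000000000000000 ]---
[ 2040.551200] BUG: kernel NULL pointer dereference, address: 0000000000000000
[ 2040.551260] RIP: 0010:example_unrelated_driver_fn+0x12/0x40 [example]
[ 2040.551300] ---[ end trace 0000000000000000 ]---
""".splitlines()

def find_kfd_null_derefs(lines):
    """Return one record per NULL-deref oops that names a listed function."""
    hits, current = [], None
    for lineno, line in enumerate(lines, 1):
        start = OOPS_START.search(line)
        if start or OOPS_END.search(line):
            # A new oops or an end-trace marker closes the block being read.
            if current and current["functions"]:
                hits.append(current)
            current = ({"line": lineno, "address": start.group(1),
                        "functions": []} if start else None)
        elif current is not None:
            sym = SYMBOL.search(line)
            if sym and sym.group(1) not in current["functions"]:
                current["functions"].append(sym.group(1))
    # Keep a matching block even if the log was cut off before the end marker.
    if current and current["functions"]:
        hits.append(current)
    return hits

if __name__ == "__main__":
    # Pipe in `dmesg` or `journalctl -k` output; with no pipe, use the sample.
    source = SAMPLE_LOG if sys.stdin.isatty() else sys.stdin
    for hit in find_kfd_null_derefs(source):
        print(f"line {hit['line']}: NULL deref at {hit['address']} in "
              + ", ".join(hit["functions"]))
```

A match shows that the crash path was reached on that host; an empty result does not show that the running kernel is patched.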

Added: Sep 17, 2025, 4:54 PM
Updated: Sep 17, 2025, 4:54 PM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 2.5
exploitability: 4.3
remediation: 7.7
relevance: 0.5
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.