Linux Kernel NULL Pointer Dereference Vulnerability in VDSO Handling on RISC-V

Vulnerability

A vulnerability in the Linux kernel's handling of the virtual dynamic shared object (VDSO) for the RISC-V architecture has been addressed. The issue arose in the 'vdso_join_timens' function, where a NULL pointer dereference occurred during the 'vfork' system call. The VDSO information was not properly set up for the 'vfork' case, which led to a kernel access error when user memory was accessed without the appropriate user access routines. The vulnerability was introduced by an earlier commit that added VDSO support for compatibility with RISC-V.

Impact

Exploitation of this vulnerability could lead to a kernel panic or crash, as the NULL pointer dereference would cause a fault in the kernel's memory management.

Reproduction

The vulnerability can be reproduced by running the VDSO timing self-test available in the Linux kernel's selftest suite. This test exercises the 'vfork' system call, which triggers the NULL pointer dereference in the 'vdso_join_timens' function.
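
To check whether a host has already hit this fault, the kernel log can be scanned for fault reports whose faulting function is 'vdso_join_timens'. The following is an added example, not part of the original advisory or of the kernel project; the log line layout, the sample lines and the names find_vdso_oopses and SAMPLE_LOG are assumptions constructed for illustration.

```python
import re

# Constructed kernel log sample (not captured from a real system); the line
# layout is modelled on a RISC-V oops report and is an assumption.
SAMPLE_LOG = """\
[  175.101000] Unable to handle kernel access to user memory without uaccess routines at virtual address 0000000000000020
[  175.101400] Oops [#1]
[  175.101900] CPU: 0 PID: 312 Comm: vfork_test Not tainted
[  175.102300] epc : vdso_join_timens+0xd2/0x110
[  175.103100] ---[ end trace 0000000000000000 ]---
[  300.500000] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000
[  300.500800] CPU: 1 PID: 99 Comm: other_task Not tainted
[  300.501200] epc : some_driver_probe+0x1a/0x40
[  300.501600] ---[ end trace 0000000000000000 ]---
"""

LINE = re.compile(r"^\[\s*(?P<ts>\d+\.\d+)\]\s?(?P<msg>.*)$")
FAULT = re.compile(r"Unable to handle kernel (?P<kind>.+?) at virtual address (?P<addr>[0-9a-fA-F]+)")
COMM = re.compile(r"\bComm: (?P<comm>\S+)")
EPC = re.compile(r"\bepc\s*:\s*(?P<sym>[A-Za-z_]\w*)\+0x")
TARGET = "vdso_join_timens"  # function named in the advisory


def find_vdso_oopses(log_text, target=TARGET):
    """Return one dict per fault report whose faulting function (epc) is target."""
    hits, current = [], None
    # Lines without a "[seconds.micros]" timestamp prefix are skipped.
    for m in filter(None, map(LINE.match, log_text.splitlines())):
        msg = m["msg"]
        fault = FAULT.search(msg)
        if fault:  # a new report starts; keep the previous one if it matched
            if current and current["epc"] == target:
                hits.append(current)
            current = {"time": float(m["ts"]), "kind": fault["kind"],
                       "addr": int(fault["addr"], 16), "comm": None, "epc": None}
        elif current is not None:
            if c := COMM.search(msg):
                current["comm"] = c["comm"]
            # Only the first epc after the fault line belongs to this report.
            if current["epc"] is None and (e := EPC.search(msg)):
                current["epc"] = e["sym"]
    if current and current["epc"] == target:  # last report in the log
        hits.append(current)
    return hits


if __name__ == "__main__":
    for hit in find_vdso_oopses(SAMPLE_LOG):
        print(f"{hit['time']:.6f} {hit['comm']}: {hit['kind']} at {hit['addr']:#x}")
```

On a real host the input would be the saved kernel log; adjust the patterns if the local log format differs from the constructed sample.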

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been fixed. Instructions for upgrading the kernel can be found in the official Linux kernel documentation.

Added: Dec 9, 2025, 4:54 PM
Updated: Dec 9, 2025, 4:54 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 4.3
remediation: 7.7
relevance: 1.4
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.