Linux Kernel NTFS3 Filesystem Null Pointer Dereference Vulnerability

A null pointer dereference vulnerability has been identified in the Linux kernel's NTFS3 filesystem handling. This issue arises when the kernel attempts to read the root directory's Master File Table (MFT) record and the inode operations pointer is found to be null. Without a valid pointer, the kernel can crash while mounting an image with a problematic MFT record. The vulnerability affects Linux kernel versions 6.0.0-rc4 and prior.

Impact

Exploitation of this vulnerability leads to a kernel panic caused by a null pointer dereference, disrupting system operations and potentially causing a denial of service.

Reproduction

The vulnerability can be reproduced by mounting a disk image that contains a malformed root directory MFT record. This can be done using the 'mount' command in a Linux environment, specifying the NTFS3 filesystem type. The kernel will attempt to read the root directory's MFT record, and if the record is malformed, the null pointer dereference will occur, causing a kernel panic.

Remediation

Users can upgrade to the latest stable version of the Linux kernel where this vulnerability has been addressed. Instructions for upgrading the kernel can be found in the official Linux kernel documentation.