Linux Kernel ALSA snd_mts64 Driver Null Pointer Dereference Vulnerability

A null pointer dereference vulnerability has been identified in the Linux kernel's ALSA (Advanced Linux Sound Architecture) subsystem, specifically within the snd_mts64 driver. This issue occurs when the driver is loaded as a module, along with parallel port support. The vulnerability arises because the driver does not properly initialize before handling interrupts, leading to a kernel panic. The problem can be reproduced by loading the snd_mts64 module multiple times, which triggers the null pointer dereference error.

Impact

Exploitation of this vulnerability causes a kernel panic, disrupting system operations and requiring a reboot.

Reproduction

The vulnerability can be reproduced on a QEMU platform by compiling the kernel with the default configuration and enabling the parallel port and snd_mts64 options. After loading the snd_mts64 module, the null pointer dereference error occurs, as the driver fails to initialize properly before an interrupt is processed.

Remediation

Users can apply the official patch available in the Linux kernel stable tree to address this vulnerability.