Linux Kernel NULL Pointer Dereference Vulnerability in Media Blitter Driver

Vulnerability

A NULL pointer dereference vulnerability has been identified in the Linux kernel's media blitter driver, specifically the 2D blitter driver that uses the V4L2 memory-to-memory framework. The driver does not check the return value of create_workqueue(), which returns NULL on failure, so a failed workqueue creation leaves the driver holding a NULL pointer that is dereferenced later. This vulnerability affects several versions of the Linux kernel.
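The missing check and its fix, modelled in user space as an added example (this is not the driver's code). The names `blit_dev`, `probe_unchecked`, `probe_checked`, `queue_job` and `simulate_alloc_failure` are hypothetical, and `create_workqueue` here is a stub standing in for the kernel call.

```c
#include <errno.h>
#include <stdlib.h>

/* User-space stand-ins (assumptions): in the kernel, create_workqueue()
 * returns NULL when the workqueue cannot be allocated. */
struct workqueue_struct { int pending; };
static int simulate_alloc_failure;  /* constructed fault-injection switch */
static struct workqueue_struct *create_workqueue(const char *name)
{
    (void)name;
    return simulate_alloc_failure ? NULL : calloc(1, sizeof(struct workqueue_struct));
}

struct blit_dev { struct workqueue_struct *wq; };  /* hypothetical driver state */

/* Flawed pattern: result stored unchecked, probe reports success anyway. */
static int probe_unchecked(struct blit_dev *dev)
{
    dev->wq = create_workqueue("blit");
    return 0;
}

/* Hardened pattern: fail the probe before anything can use the workqueue. */
static int probe_checked(struct blit_dev *dev)
{
    dev->wq = create_workqueue("blit");
    if (!dev->wq)
        return -ENOMEM;
    return 0;
}

/* Stand-in for queueing work: guarded so this model reports the fault
 * instead of crashing; in the kernel this access is the NULL dereference. */
static int queue_job(struct blit_dev *dev)
{
    if (!dev->wq)
        return -EFAULT;
    dev->wq->pending++;
    return 0;
}

int main(void)
{
    struct blit_dev dev = {0};
    simulate_alloc_failure = 1;
    /* Unchecked probe "succeeds"; the fault only surfaces at first use. */
    int late = probe_unchecked(&dev) ? 0 : queue_job(&dev);
    return (late == -EFAULT && probe_checked(&dev) == -ENOMEM) ? 0 : 1;
}
```

With the check in place the driver never finishes initialising when the allocation fails, so no later code path can reach the NULL workqueue pointer.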

Impact

Exploitation of this vulnerability leads to a NULL pointer dereference, causing a kernel crash.

Reproduction

The vulnerability can be reproduced by compiling the kernel with the affected 2D blitter driver enabled (the V4L2 memory-to-memory driver that lacks the check on workqueue creation) and then loading the driver. The NULL pointer dereference is triggered when the workqueue is accessed.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been addressed. Instructions for upgrading the kernel can be found in the official Linux kernel documentation.

Added: Sep 16, 2025, 5:04 PM
Updated: Sep 16, 2025, 5:04 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 4.3
remediation: 7.7
relevance: 0.5
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.