Linux Kernel Device-DAX Region Provider Use-After-Free Vulnerability

Vulnerability

A use-after-free vulnerability has been identified in the Linux kernel's Device-DAX region provider management. This issue arises when a 'mapping' device is removed, leading to a kobject release warning. The vulnerability occurs because the system attempts to free an IDA object that has already been released, causing a potential memory management error. The problem is linked to the handling of parent device references during the release process of Device-DAX mappings.
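The release-ordering problem described above can be shown with a small userspace model. This is an added example, not kernel code and not the upstream patch: the structs, the helpers and the simulate() function are hypothetical, and having the mapping hold its own reference on the parent is an assumed remediation pattern.

```c
#include <stdio.h>
/* Userspace model only: hypothetical structs, not the kernel's device/IDA types. */
struct parent {
    int refs;       /* reference count */
    int released;   /* set once the last reference is dropped */
    unsigned ids;   /* bitmap standing in for the ID allocator */
};
struct mapping {
    struct parent *parent;
    int id;
    int pinned;     /* 1 if the mapping holds its own parent reference */
};

static void parent_put(struct parent *p)
{
    if (--p->refs == 0)
        p->released = 1;   /* a real release would free the allocator here */
}

static void mapping_init(struct mapping *m, struct parent *p, int id, int pin)
{
    *m = (struct mapping){ .parent = p, .id = id, .pinned = pin };
    p->ids |= 1u << id;
    if (pin)
        p->refs++;         /* assumed hardening: parent outlives the mapping */
}

/* Returns 1 if release ran against an already-released parent (the UAF case). */
static int mapping_release(struct mapping *m)
{
    int stale = m->parent->released;
    if (!stale)
        m->parent->ids &= ~(1u << m->id);   /* hand the ID back */
    if (m->pinned)
        parent_put(m->parent);
    return stale;
}

/* Order described above: the allocator's owner is dropped before the mapping's release runs. */
int simulate(int pin_parent)
{
    struct parent p = { .refs = 1 };
    struct mapping m;
    mapping_init(&m, &p, 0, pin_parent);
    parent_put(&p);
    return mapping_release(&m);
}

int main(void)
{
    printf("unpinned stale=%d, pinned stale=%d\n", simulate(0), simulate(1));
    return 0;
}
```

The model only records that the parent was released instead of freeing it, so the stale access can be observed without invoking undefined behavior.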

Impact

Exploitation of this vulnerability can lead to memory corruption issues, where freed memory is improperly accessed, potentially causing undefined behavior in the kernel.

Reproduction

The vulnerability can be reproduced by removing a Device-DAX region provider with the 'modprobe -r dax_hmem' command. This action triggers a kobject release warning, indicating a use-after-free condition. The DEBUG_LOCKS_WARN_ON(1) warning further confirms the presence of a lock dependency issue and shows that the flaw has been triggered.

Remediation

Users can apply the latest patches available in the Linux kernel stable tree to address this vulnerability.

Added: Oct 4, 2025, 4:21 PM
Updated: Oct 4, 2025, 4:21 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 4.3
remediation: 7.7
relevance: 0.6
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.