Linux Kernel Late Dereference Vulnerability in DRM STMicroelectronics LTDC Component

Vulnerability

A vulnerability exists in the Linux kernel's handling of the LTDC (Layered Timing Control Display) component within the DRM (Direct Rendering Manager) subsystem's STMicroelectronics driver. The issue arises because a pointer to the 'drm_crtc' structure was dereferenced through a 'container_of()' macro before the pointer had been checked for validity. This ordering mistake can lead to a kernel panic. The vulnerability affects several versions of the Linux kernel.

Impact

The vulnerability can cause a kernel panic, disrupting system operations and potentially leading to a denial of service.

Reproduction

To reproduce this vulnerability, the 'ltdc_crtc_set_crc_source()' function can be called with an invalid 'drm_crtc' pointer. The function attempts to dereference the pointer before checking its validity, which can lead to a kernel panic.

Remediation

Users can upgrade to a Linux kernel version in which this vulnerability has been addressed. The specific commit that resolves the issue is available in the Linux kernel stable tree.
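The ordering bug described above and its corrected form, as an added userspace mock rather than the kernel's own code. The struct layouts, the 'ENODEV' value, the simplified 'container_of()' and the function names 'derived_ldev_addr' and 'set_crc_source_fixed' are all stand-ins constructed for this illustration; the corrected ordering follows the description above (validate 'crtc' first, derive the device pointer second).

```c
/* Added example, not the kernel's code: userspace mock of the
 * ltdc_crtc_set_crc_source() ordering bug. Struct layouts, the
 * errno value and container_of() are simplified stand-ins. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define ENODEV 19
#define container_of(ptr, type, member) \
    ((type *)((char *)(ptr) - offsetof(type, member)))

struct drm_crtc { int index; };
/* crtc deliberately sits at a nonzero offset, as an embedded member would */
struct ltdc_device { int crc_active; struct drm_crtc crtc; };

#define crtc_to_ltdc(c) container_of(c, struct ltdc_device, crtc)

/* What the pre-fix ordering produces: the device pointer is derived from
 * crtc before crtc is validated. Computed as an integer here so the demo
 * never dereferences it; a NULL crtc yields a non-NULL, wild address, so a
 * NULL check on the derived pointer would not catch the problem either. */
static uintptr_t derived_ldev_addr(struct drm_crtc *crtc)
{
    return (uintptr_t)crtc - offsetof(struct ltdc_device, crtc);
}

/* Post-fix ordering: validate the incoming pointer first, derive second. */
static int set_crc_source_fixed(struct drm_crtc *crtc, const char *source,
                                struct ltdc_device **out)
{
    struct ltdc_device *ldev;

    if (!crtc)
        return -ENODEV;            /* reject before any container_of() */

    ldev = crtc_to_ltdc(crtc);     /* safe: crtc is known valid here */
    ldev->crc_active = (source != NULL);
    if (out)
        *out = ldev;
    return 0;
}

int main(void)
{
    struct ltdc_device dev = { 0, { 0 } };
    struct ltdc_device *got = NULL;

    printf("derived from NULL crtc is non-NULL: %d\n",
           derived_ldev_addr(NULL) != 0);                                  /* 1 */
    printf("fixed, NULL crtc -> %d\n", set_crc_source_fixed(NULL, "auto", &got)); /* -19 */
    printf("fixed, valid crtc -> %d, same device: %d\n",
           set_crc_source_fixed(&dev.crtc, "auto", &got), got == &dev);    /* 0, 1 */
    return 0;
}
```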

Added: Oct 22, 2025, 2:46 PM
Updated: Oct 22, 2025, 2:46 PM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 2.5
exploitability: 4.3
remediation: 7.7
relevance: 0.8
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.