Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*
A NULL pointer dereference in the Linux kernel's IIO (Industrial Input/Output) core has been fixed. A recent commit changed how firmware node handles are used for label retrieval during device registration, which inadvertently made a parent device mandatory. IIO dummy devices do not have a parent, so creating a new entry in configfs for the IIO dummy driver caused registration to access the non-existent parent device, dereferencing a NULL pointer and crashing the kernel. The fix modifies the device registration process to handle the case where the parent device is NULL, allowing the IIO dummy driver to function correctly with configfs.
Exploitation of this vulnerability leads to a kernel NULL pointer dereference, causing a system crash.
To reproduce this vulnerability, create a new entry in the configfs under the IIO devices dummy driver. This can be done by navigating to the IIO devices configfs directory and creating a new folder. The absence of a parent device for the IIO dummy driver will trigger the NULL pointer dereference, causing a kernel crash.
The vulnerability has been fixed in the Linux kernel. Users should upgrade to the latest version.
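The registration failure described above, as a simplified user-space model added here for illustration; it is not the kernel's code or the actual patch, and every struct, function and label name in it is hypothetical. It contrasts a label lookup that assumes a parent device with one that treats the parent as optional.

```c
#include <stddef.h>
#include <stdio.h>

/* Simplified stand-ins for kernel objects; all names are hypothetical. */
struct fw_node { const char *label; };             /* firmware node, label optional */
struct device  { struct device *parent; struct fw_node *fwnode; };
struct io_dev  { struct device dev; const char *label; };

static const char SAMPLE_LABEL[] = "accel0";       /* constructed sample value */

/* Pre-fix pattern: label lookup assumes every device has a parent. */
int register_unguarded(struct io_dev *d)
{
    d->label = d->dev.parent->fwnode->label;       /* parent == NULL: NULL dereference */
    return 0;
}

/* Fixed pattern: the label is optional, so a missing parent is not fatal. */
int register_guarded(struct io_dev *d)
{
    const struct device *parent = d->dev.parent;

    d->label = NULL;
    if (parent && parent->fwnode)
        d->label = parent->fwnode->label;
    return 0;                                      /* registration proceeds without a label */
}

/* Device whose parent carries a firmware node with a label. */
const char *label_with_parent(void)
{
    struct fw_node fw = { SAMPLE_LABEL };
    struct device parent = { NULL, &fw };
    struct io_dev d = { { &parent, NULL }, NULL };

    return register_guarded(&d) == 0 ? d.label : NULL;
}

/* Parentless device, as created for the dummy driver through configfs. */
const char *label_without_parent(void)
{
    struct io_dev d = { { NULL, NULL }, NULL };    /* register_unguarded(&d) would crash */

    return register_guarded(&d) == 0 ? d.label : NULL;
}

int main(void)
{
    const char *l = label_without_parent();
    printf("with parent: %s\n", label_with_parent());
    printf("parentless: %s\n", l ? l : "(no label)");
    return 0;
}
```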