Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*
A vulnerability in the Linux kernel's pstore/ram component can lead to a NULL pointer dereference. This issue arises because the return value of the kstrdup() function, which duplicates a string, is not properly checked. If kstrdup() fails, it returns NULL, but the code does not handle this case, potentially leading to a dereference of a NULL pointer.
Exploitation of this vulnerability causes a NULL pointer dereference, which can lead to a system crash or instability.
The vulnerability can be reproduced by creating a persistent RAM zone with a NULL label. The kstrdup() function will fail, returning NULL, but the code will attempt to use the NULL value, causing a dereference error.
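The missing check, shown in a user-space C model. This is an added example, not the kernel's pstore/ram code or its patch. The names struct zone, dup_label(), zone_new(), zone_free() and fail_next_dup are hypothetical, dup_label() stands in for kstrdup(), and the "ramoops" label used to exercise it is a constructed sample.

```c
#include <errno.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical user-space model of a persistent RAM zone; not kernel code. */
struct zone {
    char *label;
    size_t label_len;
};

static int fail_next_dup; /* fault injection: force one duplication to fail */

/* Stand-in for kstrdup(): NULL on NULL input or on allocation failure. */
static char *dup_label(const char *s)
{
    char *p = s && !fail_next_dup ? malloc(strlen(s) + 1) : NULL;
    fail_next_dup = 0;
    return p ? strcpy(p, s) : NULL;
}

/*
 * Unchecked pattern the advisory describes:
 *     z->label = dup_label(label);
 *     z->label_len = strlen(z->label);   // NULL dereference on failure
 */
int zone_new(const char *label, struct zone **out)
{
    struct zone *z = calloc(1, sizeof(*z));

    *out = NULL;
    if (!z)
        return -ENOMEM;
    z->label = dup_label(label);
    if (!z->label) {            /* the check that was missing */
        free(z);                /* unwind the partial allocation */
        return -ENOMEM;
    }
    z->label_len = strlen(z->label);
    *out = z;
    return 0;
}

void zone_free(struct zone *z)
{
    if (z)
        free(z->label);
    free(z);
}
```

Both the NULL-label case and a simulated allocation failure come back as -ENOMEM with no zone handed to the caller, so nothing downstream can touch a NULL label.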
Users can upgrade to the latest version of the Linux kernel where this vulnerability has been fixed. Instructions for downloading the patched version are available on the Linux kernel's official website.