Linux Kernel NTFS3 Filesystem Null Pointer Dereference Vulnerability

Vulnerability

A null pointer dereference vulnerability has been identified in the Linux kernel's NTFS3 filesystem implementation. This issue arises in the 'ni_clear' function, where the 'mi.mrec' field can be NULL but is not checked before being accessed. The vulnerability was introduced in a previous commit that added a NULL check for 'mi.mrec' in the 'ni_write_inode' function but failed to apply the same check in 'ni_clear', leading to the potential dereference of a NULL pointer.

Impact

Exploitation of this vulnerability can lead to a null pointer dereference, causing a crash or undefined behavior in the kernel.
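
To check whether a host has already hit this crash, the kernel log can be searched for NULL-dereference oopses whose faulting function is 'ni_clear'. The script below is an added example, not part of the original advisory or the kernel project; it assumes the x86-64 oops layout (a "BUG: kernel NULL pointer dereference" banner followed by a "RIP:" line), and the function names and the sample log are constructed for illustration.

```python
import re

# Constructed kernel-log excerpt; timestamps, addresses and offsets are made up.
SAMPLE_LOG = """\
[  512.340001] BUG: kernel NULL pointer dereference, address: 0000000000000000
[  512.340010] #PF: supervisor read access in kernel mode
[  512.340055] RIP: 0010:ni_clear+0x2c/0x150 [ntfs3]
[  512.340102] Call Trace:
[  512.340900] RIP: 0010:ni_clear+0x2c/0x150 [ntfs3]
[  900.100001] BUG: kernel NULL pointer dereference, address: 0000000000000010
[  900.100020] RIP: 0010:example_other_fn+0x10/0x40 [example_mod]
[ 1300.000001] BUG: kernel NULL pointer dereference, address: 0000000000000008
[ 1300.000015] RIP: 0010:ni_clear+0x2c/0x150
"""

BUG_RE = re.compile(r"BUG: kernel NULL pointer dereference, address: ([0-9a-f]+)")
# The "[module]" suffix is absent when the faulting code is built into the kernel image.
RIP_RE = re.compile(r"RIP: [0-9a-f]{4}:([\w.]+)\+0x[0-9a-f]+/0x[0-9a-f]+(?: \[(\w+)\])?")


def find_null_derefs(log_text):
    """Pair each NULL-dereference banner with the first RIP line that follows it."""
    events, pending = [], None
    for line in log_text.splitlines():
        bug = BUG_RE.search(line)
        if bug:
            pending = {"address": bug.group(1), "function": None, "module": None}
            events.append(pending)
            continue
        rip = RIP_RE.search(line)
        if rip and pending is not None:
            # An oops prints RIP twice; only the first one closes the record.
            pending["function"], pending["module"] = rip.group(1), rip.group(2)
            pending = None
    return events


def ni_clear_crashes(log_text):
    """Keep only oopses that faulted in ni_clear (ntfs3 as a module or built in)."""
    return [e for e in find_null_derefs(log_text)
            # Compiler-generated suffixes such as ".cold" are stripped before comparing.
            if (e["function"] or "").split(".")[0] == "ni_clear"
            and e["module"] in ("ntfs3", None)]


if __name__ == "__main__":
    for hit in ni_clear_crashes(SAMPLE_LOG):
        print(hit)
```

On a live system the same functions can be fed the text of the kernel ring buffer or the persistent journal instead of the sample string.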

Reproduction

The vulnerability can be reproduced by invoking the 'ni_clear' function on an NTFS3 inode that has a NULL 'mi.mrec' field. This can be done by writing an inode without initializing the 'mrec' field, and then clearing the inode, which will trigger the NULL dereference.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been patched. Instructions for downloading the patched version can be found in the Linux Kernel documentation.

Added: Dec 30, 2025, 2:41 PM
Updated: Dec 30, 2025, 2:41 PM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 2.5
exploitability: 5.7
remediation: 7.7
relevance: 1.7
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.