Linux Kernel NULL Pointer Dereference Vulnerability in OPP Bandwidth Management

Vulnerability

A vulnerability in the Linux kernel's OPP (Operating Performance Points) management can lead to a kernel crash. This issue occurs when a driver calls the functions 'dev_pm_opp_find_bw_ceil' or 'dev_pm_opp_find_bw_floor' to retrieve bandwidth data from the OPP table. If the bandwidth table has not been initialized because the interconnect properties were absent in the OPP consumer node, the kernel will dereference a NULL pointer, causing a crash. The call trace indicates that the crash happens during the bandwidth reading process, specifically within the OPP table management functions.

Impact

Exploitation of this vulnerability leads to a kernel crash caused by a NULL pointer dereference, disrupting system operations and potentially causing a denial of service.

Remediation

The vulnerability has been addressed by adding an assertion to check whether the bandwidth table is initialized before attempting to read bandwidth data. Users should ensure they are using a version of the Linux kernel that includes this fix.
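The guard described above, shown as an added user-space example (not the kernel's own code and not part of the original advisory): a lookup that refuses to read bandwidth data when no bandwidth table was set up. All `model_*` names, the return codes and the sample values are assumptions made for illustration. Only the ceiling lookup is modelled; a floor lookup needs the same check.

```c
#include <stddef.h>
#include <stdio.h>
/* Simplified user-space model; every name here is hypothetical. */
struct model_bw { unsigned long peak; };
struct model_opp { struct model_bw *bandwidth; };  /* NULL: never allocated */
struct model_opp_table {
    struct model_opp *opps;  /* ordered by ascending bandwidth */
    size_t opp_count, path_count;  /* path_count 0: no interconnect properties */
};

/* Assertion run before any read: does a bandwidth table exist for this path? */
static int model_bw_enabled(const struct model_opp_table *t, size_t index)
{
    return t != NULL && index < t->path_count;
}

/* Lowest peak >= *bw on path `index`: 0 (*bw updated), -1 no data, -2 no match. */
static int model_find_bw_ceil(const struct model_opp_table *t, size_t index,
                              unsigned long *bw)
{
    if (!model_bw_enabled(t, index))
        return -1;  /* without this check, b[index] below reads through NULL */
    for (size_t i = 0; i < t->opp_count; i++) {
        const struct model_bw *b = t->opps[i].bandwidth;
        if (b == NULL)
            return -1;  /* inconsistent table: still refuse to dereference */
        if (b[index].peak >= *bw) {
            *bw = b[index].peak;
            return 0;
        }
    }
    return -2;
}

/* Constructed sample: peaks 500 and 2000 on one path; with_bw=0 leaves it unset. */
static long model_demo(int with_bw, unsigned long want)
{
    struct model_bw low = { 500 }, high = { 2000 };
    struct model_opp opps[2] = { { with_bw ? &low : NULL }, { with_bw ? &high : NULL } };
    struct model_opp_table t = { opps, 2, with_bw ? 1 : 0 };
    int rc = model_find_bw_ceil(&t, 0, &want);
    return rc == 0 ? (long)want : rc;
}

int main(void)
{
    printf("%ld %ld\n", model_demo(0, 1000), model_demo(1, 1000));
    return 0;
}
```

With the table left uninitialized the lookup returns an error code to the caller instead of faulting, which is the behaviour a driver should expect from a kernel that includes the fix.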

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 2.5
exploitability: 4.0
remediation: 0.0
relevance: 0.0
threat: 3.2
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.