Linux Kernel Thermal Netlink Userspace Segmentation Fault Vulnerability

A vulnerability in the Linux kernel's thermal netlink implementation can lead to a userspace segmentation fault. This issue arises in the intel-lpmd tool, which relies on the THERMAL_GENL_ATTR_CPU_CAPABILITY attribute to receive HFI events from the kernel. After a recent commit that altered the raw value of this attribute, intel_lpmd began experiencing segmentation faults. The problem stems from the commit introducing a new attribute value that disrupted the existing enumeration, potentially affecting numerous attributes and complicating maintenance for userspace thermal netlink event users. The vulnerability has been addressed by repositioning the new attribute to the end of the enumeration, ensuring that existing attributes remain stable.

Impact

Exploitation of this vulnerability causes a segmentation fault in userspace, leading to a crash of the affected application or tool.