Linux Kernel NULL Pointer Dereference Vulnerability in Group CPUs Handling

Vulnerability

A NULL pointer dereference vulnerability has been identified in the Linux kernel's handling of CPU groups. The issue is in the 'group_cpus_evenly()' function and was found while testing the 'null_blk' block device with 'configfs'. Writing '0' to 'poll_queues' triggers a kernel panic due to the NULL pointer dereference. The root cause is that the 'numgrps' variable is set to '0', so a zero-sized pointer is dereferenced. The vulnerability affects Linux kernel version 6.15.0-02023-gadbdb95c8696.

Impact

Exploitation of this vulnerability leads to a kernel panic caused by a NULL pointer dereference, disrupting system operations and potentially causing a denial of service.

Reproduction

To reproduce this vulnerability, use Linux kernel version 6.15.0-02023-gadbdb95c8696. Test the 'null_blk' block device with 'configfs' by writing '0' to the 'poll_queues' attribute. This action triggers a kernel panic due to the NULL pointer dereference.

Remediation

The vulnerability has been fixed in the official Linux kernel repository. Users should upgrade to the latest version of the Linux kernel to address this issue.
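
The root cause described under Vulnerability (a group count of '0' producing a zero-sized allocation whose pointer is then used) can be modelled in user-space C. This is an added illustration, not the kernel's code or the upstream patch: model_kcalloc, model_kfree, struct grp_mask and both functions are hypothetical names, and the up-front zero check is one assumed way to guard such a path.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Kernel convention, modelled in user space: a zero-byte allocation returns
 * this non-NULL sentinel, so a plain "if (!p)" check does not catch it. */
#define ZERO_SIZE_PTR ((void *)16)
#define ZERO_OR_NULL_PTR(p) ((uintptr_t)(p) <= (uintptr_t)ZERO_SIZE_PTR)

struct grp_mask { unsigned long bits; };  /* hypothetical stand-in for a CPU mask */
/* Hypothetical model of kcalloc(): sentinel for n == 0, zeroed memory otherwise. */
static void *model_kcalloc(size_t n, size_t size)
{
    return (n == 0 || size == 0) ? ZERO_SIZE_PTR : calloc(n, size);
}
static void model_kfree(void *p) { if (!ZERO_OR_NULL_PTR(p)) free(p); }

/* Before: only NULL is checked, so numgrps == 0 passes and the caller's
 * first masks[0] access would fault. Returned here without dereferencing. */
static struct grp_mask *alloc_masks_unguarded(unsigned int numgrps)
{
    struct grp_mask *masks = model_kcalloc(numgrps, sizeof(*masks));
    if (!masks)  /* the sentinel is non-NULL, so this does not fire */
        return NULL;
    return masks;
}

/* After: reject zero groups up front, then spread CPUs round-robin. */
static struct grp_mask *group_evenly_guarded(unsigned int ncpus, unsigned int numgrps)
{
    if (numgrps == 0)
        return NULL;
    struct grp_mask *masks = model_kcalloc(numgrps, sizeof(*masks));
    if (ZERO_OR_NULL_PTR(masks))
        return NULL;
    for (unsigned int cpu = 0; cpu < ncpus && cpu < 8 * sizeof(masks->bits); cpu++)
        masks[cpu % numgrps].bits |= 1UL << cpu;
    return masks;
}

int main(void)
{
    struct grp_mask *ok = group_evenly_guarded(4, 2);
    printf("unguarded, 0 groups: usable=%d\n", !ZERO_OR_NULL_PTR(alloc_masks_unguarded(0)));
    printf("guarded, 0 groups: %p\n", (void *)group_evenly_guarded(4, 0));
    if (ok) printf("guarded, 2 groups: %#lx %#lx\n", ok[0].bits, ok[1].bits);
    model_kfree(ok);
    return 0;
}
```

When reviewing similar code, any allocation sized by a user-writable count needs either a zero check before the allocation or a ZERO_OR_NULL_PTR-style check after it, since a NULL test alone lets the sentinel through.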

Added: Jul 9, 2025, 11:34 AM
Updated: Jul 9, 2025, 11:34 AM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 5.7
remediation: 0.0
relevance: 0.2
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.