Linux Kernel Block Device Null Pointer Dereference Vulnerability When THP is Disabled

Vulnerability

A null pointer dereference vulnerability has been identified in the Linux kernel's block device handling. The issue occurs when Transparent Huge Pages (THP) are disabled and a block device with a logical block size greater than the page size is present. It leads to a kernel panic during boot, caused by a null pointer dereference in the block device read operations. The root cause is that large folio support relies on THP being enabled, yet the kernel improperly allows block devices with larger logical block sizes to be used when THP is disabled.

Impact

Exploitation of this vulnerability causes a kernel panic due to a null pointer dereference, disrupting the system boot process.

Reproduction

To reproduce this vulnerability, boot a Linux system that has THP disabled and a block device whose logical block size is greater than the page size. The system will panic during boot due to the null pointer dereference.

Remediation

Users can enable Transparent Huge Pages (THP) to mitigate this vulnerability. Instructions for managing THP settings can be found in the Linux kernel documentation.
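The following check is an added example, not part of the original advisory or of kernel code: it reads sysfs to report whether a host meets both conditions described above (THP disabled and a block device with a logical block size larger than the page size). The function names and the sysfs-root and page-size parameters are hypothetical, and because the advisory does not say whether "disabled" means built without THP or switched off at runtime, the example assumes both count as disabled.

```shell
#!/bin/sh
# Added example: audit a host for the two conditions named in the advisory.
# Functions take the sysfs root and page size as arguments (an assumption of
# this example) so they can also be pointed at a constructed test tree.

# thp_state ROOT -> "absent" if the THP sysfs node is missing, else the
# active mode, which the kernel shows in brackets: "always [madvise] never".
thp_state() {
    f="$1/kernel/mm/transparent_hugepage/enabled"
    [ -r "$f" ] || { echo absent; return; }
    sed -n 's/.*\[\([a-z]*\)].*/\1/p' "$f"
}

# large_lbs_devices ROOT PAGESIZE -> one device name per line for every
# block device whose logical block size exceeds PAGESIZE (bytes).
large_lbs_devices() {
    for q in "$1"/block/*/queue/logical_block_size; do
        [ -r "$q" ] || continue
        lbs=$(cat "$q")
        if [ "$lbs" -gt "$2" ]; then
            dev=${q#"$1"/block/}
            echo "${dev%%/*}"
        fi
    done
}

# check_exposure ROOT PAGESIZE -> returns 1 when both conditions hold.
# Assumption: "absent" and "never" are both treated as THP disabled.
check_exposure() {
    state=$(thp_state "$1")
    devs=$(large_lbs_devices "$1" "$2")
    if [ -z "$devs" ]; then
        echo "OK: no block device with logical block size > $2 bytes"
        return 0
    fi
    case "$state" in
        absent|never)
            echo "EXPOSED: THP is '$state'; large-block devices:" $devs
            return 1 ;;
        *)
            echo "OK: THP is '$state'; large-block devices:" $devs
            return 0 ;;
    esac
}

# Audit the live host only when asked: sh thp_lbs_check.sh live
if [ "${1:-}" = "live" ]; then check_exposure /sys "$(getconf PAGESIZE)"; fi
```

Because an affected configuration panics during boot, the check is meant to be run from a working kernel before switching a host to a kernel or setting with THP disabled.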

Added: Sep 1, 2025, 7:22 PM
Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 4.3
remediation: 8.3
relevance: 0.3
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.