Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*
A NULL pointer dereference vulnerability has been identified in the Linux kernel's Intel Platform Management Technology (PMT) implementation, specifically within the binary sysfs interface. This issue arises because the 'intel_pmt_read()' function requires a valid PCI device reference, which is not always provided. The absence of this reference leads to a kernel crash, as the function attempts to access telemetry data from a non-existent endpoint, causing a NULL pointer dereference. The vulnerability affects several versions of the Linux kernel.
Exploitation of this vulnerability leads to a kernel crash due to a NULL pointer dereference, causing a denial of service condition.
The vulnerability can be reproduced by invoking the 'intel_pmt_read()' function from a binary sysfs file without a valid PCI device reference. This can be done by accessing the PMT binary sysfs interface on a system with an affected kernel version, where the endpoint value is not properly set for telemetry usage.
Users can upgrade to the latest version of the Linux kernel, where this vulnerability has been addressed. Instructions for upgrading the kernel can be found in the official Linux kernel documentation.
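The defect class described above, shown as an added userspace sketch that is not kernel code and not the upstream fix: a read handler that reaches the device through an endpoint pointer must handle entries where that pointer was never set. All struct and function names here are hypothetical, and the sample region is constructed.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>

/* Hypothetical userspace model; these are not the kernel's structures. */
struct pci_dev_model { const unsigned char *mem; size_t size; };
struct endpoint_model { struct pci_dev_model *pcidev; };
struct pmt_entry_model { struct endpoint_model *ep; /* may be NULL */ };
static const unsigned char sample_region[8] = {1, 2, 3, 4, 5, 6, 7, 8}; /* constructed */

/* Read handler that validates the device reference before using it. */
ssize_t pmt_read_checked(const struct pmt_entry_model *entry,
                         char *buf, off_t off, size_t count)
{
    if (!entry || !buf || off < 0)
        return -EINVAL;
    /* An unguarded entry->ep->pcidev faults here when ep was never set. */
    if (!entry->ep || !entry->ep->pcidev || !entry->ep->pcidev->mem)
        return -ENODEV;
    const struct pci_dev_model *pdev = entry->ep->pcidev;
    if ((size_t)off >= pdev->size)
        return 0;                          /* past the end: EOF */
    if (count > pdev->size - (size_t)off)
        count = pdev->size - (size_t)off;  /* clamp to the region */
    memcpy(buf, pdev->mem + off, count);
    return (ssize_t)count;
}

int demo_read_without_endpoint(void)       /* the advisory's case: no endpoint */
{
    struct pmt_entry_model entry = { NULL };
    char buf[sizeof(sample_region)];
    return (int)pmt_read_checked(&entry, buf, 0, sizeof(buf));
}

int demo_read_with_endpoint(off_t off, size_t count)
{
    struct pci_dev_model pdev = { sample_region, sizeof(sample_region) };
    struct endpoint_model ep = { &pdev };
    struct pmt_entry_model entry = { &ep };
    char buf[sizeof(sample_region)];       /* reads are clamped to this size */
    return (int)pmt_read_checked(&entry, buf, off, count);
}

int main(void)
{
    printf("no endpoint: %d, valid endpoint: %d\n",
           demo_read_without_endpoint(), demo_read_with_endpoint(6, 8));
    return 0;
}
```

With the check in place, the read against an entry that has no endpoint returns an error to the caller instead of faulting.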