Linux Kernel NULL Pointer Dereference Vulnerability in Davinci Clock Driver

A NULL pointer dereference vulnerability has been identified in the Linux kernel's Davinci clock driver. The issue arises in the 'davinci_lpsc_clk_register()' function, which fails to check the return value of 'devm_kasprintf()' after memory allocation. This oversight can lead to a NULL pointer dereference, causing a crash. The vulnerability affects several versions of the Linux kernel.

Impact

Exploitation of this vulnerability leads to a NULL pointer dereference, causing a system crash.

Reproduction

The vulnerability can be reproduced by loading the Davinci clock driver in the Linux kernel. When the 'davinci_lpsc_clk_register()' function is called, it allocates memory for the 'pm_domain.name' field using 'devm_kasprintf()'. If this allocation fails, 'pm_domain.name' will be NULL, but the function does not perform a check for this condition. As a result, the driver will attempt to use the NULL value, leading to a dereference error and a system crash.

Remediation

The vulnerability has been addressed by adding a NULL check after the 'devm_kasprintf()' call in the 'davinci_lpsc_clk_register()' function. Users should upgrade to the latest version of the Linux kernel where this fix has been applied.