Linux Kernel DRM MSM Metadata Management Error Handling Vulnerability

Vulnerability

A vulnerability in the Linux kernel's DRM MSM (Direct Rendering Manager driver for Qualcomm MSM SoCs) component has been addressed. The issue arose in the 'msm_ioctl_gem_info_set_metadata' function, which now includes error handling for memory reallocation failures. Previously, the result of a failed reallocation was not checked, so the resulting NULL pointer could be dereferenced. The function now returns '-ENOMEM' when a reallocation fails, preventing potential crashes. Additionally, the function avoids the '__GFP_NOFAIL' allocation flag, which forces the allocator to retry indefinitely instead of failing and could therefore deadlock under certain conditions.

Impact

The vulnerability could have led to null pointer dereferences, potentially causing application crashes or undefined behavior.

Reproduction

The vulnerability existed in the memory management of the 'msm_ioctl_gem_info_set_metadata' function within the DRM MSM component. It could be reproduced by triggering a memory reallocation failure while the function is processing metadata, which would result in a null pointer dereference.
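The failure mode described under Vulnerability and Reproduction, as an added user-space model (not the kernel's own code): the reallocation result goes into a temporary, so a NULL return yields -ENOMEM and the old metadata stays valid rather than being overwritten and dereferenced. The 'gem_object' struct, the realloc wrapper with fault injection standing in for krealloc(), and the 128-byte size bound are assumptions for the example.

```c
#include <errno.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical user-space stand-in for the kernel object's metadata state. */
struct gem_object {
    void *metadata;
    size_t metadata_size;
};

/* Fault injection: when set, the next allocation returns NULL, as krealloc() does under memory pressure without __GFP_NOFAIL. */
static int fail_next_realloc;

static void *try_realloc(void *p, size_t n)
{
    if (fail_next_realloc) { fail_next_realloc = 0; return NULL; }
    return realloc(p, n);
}

/* Hardened setter: the result lands in a temporary first, so a failed
 * reallocation returns -ENOMEM instead of storing NULL and passing it to memcpy(). */
int gem_set_metadata(struct gem_object *obj, const void *buf, size_t size)
{
    void *new_meta;
    if (size == 0 || size > 128) /* assumed bound, not from the advisory */
        return -EINVAL;
    new_meta = try_realloc(obj->metadata, size);
    if (!new_meta)
        return -ENOMEM;
    memcpy(new_meta, buf, size);
    obj->metadata = new_meta;
    obj->metadata_size = size;
    return 0;
}

/* Success path, an injected failure, then a retry; returns 1 if every check holds. */
int demo_set_metadata(void)
{
    struct gem_object obj = { NULL, 0 };
    const char first[] = "tag=1", second[] = "tag=2,flag=debug"; /* constructed */
    int ok = gem_set_metadata(&obj, first, sizeof first) == 0;
    fail_next_realloc = 1;
    ok = ok && gem_set_metadata(&obj, second, sizeof second) == -ENOMEM;
    ok = ok && obj.metadata_size == sizeof first /* old data survived the failure */
            && memcmp(obj.metadata, first, sizeof first) == 0;
    ok = ok && gem_set_metadata(&obj, second, sizeof second) == 0
            && obj.metadata_size == sizeof second;
    free(obj.metadata);
    return ok;
}
```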

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been fixed. Instructions for upgrading the Linux kernel can be found in the official Linux documentation.

Added: Sep 11, 2025, 6:34 PM
Updated: Sep 11, 2025, 6:34 PM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 2.5
exploitability: 4.3
remediation: 7.7
relevance: 0.5
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.