Linux Kernel Coresight TRBE Driver NULL Pointer Dereference Vulnerability

A vulnerability in the Linux kernel's Coresight TRBE driver can lead to a NULL pointer dereference and subsequent kernel panic. The issue arises when the driver fails to allocate a buffer. Instead of properly signaling the error, the driver returns an error code that is not checked by the caller. This oversight allows the driver to continue operating, ultimately causing a kernel panic. The vulnerability affects the Linux kernel stable tree.

Impact

The vulnerability can cause a kernel panic, leading to a denial of service by crashing the system.

Reproduction

The vulnerability can be reproduced by triggering a buffer allocation failure in the TRBE driver. This can be done by simulating conditions that cause the allocation functions to fail, such as exhausting available memory. When the allocation fails, the driver incorrectly handles the error, allowing the operation to proceed and eventually causing a kernel panic.

Remediation

The vulnerability has been addressed in the Linux kernel. Users can upgrade to the latest version of the stable kernel to apply the fix.