Linux Kernel Max3421 HCD Error Pointer Dereference Vulnerability

A vulnerability in the Linux kernel's USB host driver for the MAX3421 chip has been addressed. The issue was an improper handling of error pointers in the probe cleanup process, which could lead to a null pointer dereference. The MAX3421 host controller driver did not adequately check if the 'spi_thread' pointer was an error or null before dereferencing it, potentially causing a crash. This vulnerability affects several versions of the Linux kernel.

Impact

The vulnerability could lead to a null pointer dereference, causing a kernel crash.

Reproduction

The vulnerability can be reproduced by loading the MAX3421 USB host controller driver in a version of the Linux kernel that is affected by this issue. During the probe cleanup process, the driver improperly handles error pointers from the 'kthread_run()' function, leading to a null pointer dereference.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been fixed. The specific commit addressing this issue is available in the Linux kernel stable tree.