Linux Kernel nvdimm NULL Pointer Dereference Vulnerability in ndtest Probe Function

A vulnerability in the Linux kernel's nvdimm testing framework can lead to a NULL pointer dereference. This issue arises in the ndtest_probe function, which allocates three DMA address arrays. If the memory allocation fails, the function does not properly handle the error, allowing for a NULL pointer dereference under low-memory conditions. The vulnerability has been addressed by modifying the allocation process to check for errors and return an appropriate memory allocation failure response, thereby preventing the NULL pointer dereference.

Impact

Exploitation of this vulnerability can cause a NULL pointer dereference, leading to a crash of the affected system or application.

Reproduction

The vulnerability can be reproduced by loading the nvdimm ndtest module on a system with low memory availability. The ndtest_probe function will attempt to allocate memory for three DMA address arrays. If any of these allocations fail, the function will not properly handle the error, resulting in a NULL pointer dereference when it tries to use the unallocated memory. This can be observed by monitoring the system for crashes or instability after loading the module under low-memory conditions.

Remediation

Users can update to the latest version of the Linux kernel, where this vulnerability has been fixed. Instructions for updating the kernel can be found in the official Linux documentation or through the package management system of the Linux distribution in use.