Linux Kernel Lan78xx USB Driver EEPROM Read Timeout Vulnerability

A vulnerability in the Linux kernel's USB LAN78xx driver has been addressed, concerning improper handling of EEPROM read timeout errors. This issue, reported by Syzbot, involved the driver reading an uninitialized variable due to a timeout in the EEPROM read operation. The driver failed to correctly propagate this timeout error, leading to potential misinterpretation of the data buffer as valid. The problem arose because the driver discarded the timeout error after attempting to restore the LED pin configuration, which could cause callers to mistakenly believe they had received valid data when, in fact, the read operation had timed out without completing successfully.

Impact

The vulnerability could lead to the use of uninitialized data, which can cause undefined behavior in the application, potentially allowing for memory corruption or other unintended consequences.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been fixed. Instructions for downloading the patched version are available on the Linux kernel official website.