Linux Kernel Memory Corruption Vulnerability in imx_sc_key Input Driver

A memory corruption vulnerability has been identified in the Linux kernel's imx_sc_key input driver. This issue arises because the driver incorrectly passes a reference to a stack address instead of the intended private variable, leading to memory corruption when the imx_sc_key_action() function is executed. The vulnerability affects the stable version of the Linux kernel.

Impact

Exploitation of this vulnerability can lead to memory corruption, which may cause undefined behavior in the kernel, potentially allowing for arbitrary code execution or escalation of privileges.

Reproduction

The vulnerability can be reproduced by loading the imx_sc_key input driver with the incorrect parameter that includes a reference to the stack address. This can be done by modifying the driver's probe function to pass '&priv' instead of 'priv'. Once the driver is loaded, the imx_sc_key_action() function will be called, resulting in memory corruption.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been fixed. Instructions for downloading the patched version are available on the official Linux kernel website.