Linux Kernel Comedi Driver PNP Unregistration Vulnerability

A vulnerability exists in the Linux kernel Comedi driver 'c6xdigio', which is intended for parallel port-connected devices. The issue arises because the driver improperly manages Plug and Play (PNP) resources. When the driver is attached, it registers a PNP driver but fails to handle potential errors. The detachment process unconditionally unregisters the PNP driver, leading to warnings about unexpected driver unregistration. This flaw was identified by Syzbot, and the driver should instead manage PNP registration and unregistration during module initialization and exit.

Impact

Exploitation of this vulnerability can cause the system to issue warnings about unexpected driver unregistration, which may indicate a mismanagement of driver resources. However, this vulnerability does not appear to have a direct negative impact on system stability or functionality.

Reproduction

To reproduce this vulnerability, load the 'c6xdigio' Comedi driver module. The driver will attempt to register a PNP driver for parallel port resources. If this registration fails, the error is ignored. When the driver is detached, it will unconditionally unregister the PNP driver, even if the registration was not successful. This sequence of actions will trigger the warning about unexpected driver unregistration, indicating the vulnerability has been reproduced.

Remediation

The vulnerability has been addressed by modifying the driver to manage PNP registration and unregistration at the correct times. Users should ensure they are using a version of the Linux kernel that includes this fix.