Linux Kernel Panthor DRM Uninitialized Memory Access Vulnerability

A use-after-free vulnerability has been identified in the Linux kernel's Panthor DRM driver. This issue arises during the process of unplugging a device, where the function 'panthor_fw_unplug()' frees firmware memory sections. However, if there are pending firmware events that have not yet been processed, the function 'process_fw_events_work()' may attempt to access the already freed memory, leading to undefined behavior. The vulnerability has been addressed by modifying the unplug process to disable and synchronize the firmware event handling, ensuring that all events are processed before the memory is freed.

Impact

Exploitation of this vulnerability could lead to a use-after-free condition, potentially allowing for arbitrary code execution or memory corruption.