Linux Kernel Adreno GPU NULL Pointer Dereference Vulnerability

A vulnerability in the Linux kernel's handling of Adreno A7xx GPUs has been fixed. The issue arose in platforms with A7xx GPUs that do not support IFPC. In these cases, the 'ifpc_reglist' was still referenced in the 'a7xx_patch_pwrup_reglist()' function, leading to a kernel crash due to a NULL pointer dereference. The crash occurred during the GPU initialization process, as the system attempted to access register values that were not properly declared. The vulnerability has been addressed by adding a validity check for the 'ifpc_reglist' before it is accessed, ensuring that only declared registers are used, thus preventing the NULL pointer dereference and the associated kernel crash.

Impact

Exploitation of this vulnerability could lead to a kernel crash, causing a denial of service by interrupting normal system operations and potentially requiring a manual reboot to restore functionality.

Reproduction

The vulnerability can be reproduced on a platform with an Adreno A7xx GPU that does not support IFPC. During the GPU initialization process, the 'a7xx_patch_pwrup_reglist()' function will be called. Without the proper checks in place, the function will dereference a NULL 'ifpc_reglist', leading to a kernel crash. This can be observed in the kernel logs, where the crash will be reported as an inability to handle a NULL pointer dereference at a specific virtual address, indicating the source of the problem.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been fixed. The patch is included in the official Linux stable releases.