Linux Kernel i915 GEM VMA Array Initialization Vulnerability

A vulnerability in the Linux kernel's i915 graphics driver has been addressed. The issue was related to the executive buffer management, specifically in how the virtual memory area (VMA) array was initialized. Previously, the VMA pointers were set to a poison value, which could lead to a null dereference bug. This vulnerability affected several versions of the Linux kernel.

Impact

The vulnerability could lead to a null pointer dereference, causing a crash or instability in the system.

Reproduction

The vulnerability can be reproduced by using the i915 graphics driver in a version of the Linux kernel prior to the patch. When the executive buffer is processed, the VMA array is not properly initialized, leaving pointers that should be null set to a poison value instead. This can cause the executive buffer management functions to misinterpret the state of the VMA entries, leading to a null dereference when the cleanup process is triggered.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been fixed. The specific commit that addresses this issue is 0336188cc85d0eab8463bd1bbd4ded4e9602de8b.