Linux Kernel PCI Endpoint NULL Pointer Dereference Vulnerability

A NULL pointer dereference vulnerability has been identified in the Linux kernel's PCI endpoint functionality. This issue arises because the 'alloc_workqueue()' function can return NULL if memory allocation fails. Without proper error handling, this could lead to a NULL pointer dereference when 'queue_work()' is called with a NULL workqueue pointer, particularly in the 'epf_ntb_epc_init()' function. The vulnerability affects the Linux kernel stable tree.

Impact

The vulnerability can be exploited to cause a NULL pointer dereference, leading to a crash of the affected component or system.

Reproduction

The vulnerability can be reproduced by loading a PCI endpoint function driver that does not include a NULL check after calling 'alloc_workqueue()'. When the workqueue allocation fails, 'queue_work()' can be called with a NULL pointer, causing a NULL pointer dereference.

Remediation

The vulnerability has been addressed by adding a NULL check after the 'alloc_workqueue()' call. Users should ensure they are using a version of the Linux kernel that includes this fix.