Linux Kernel Libie Firmware Logging Uninitialized Deinitialization Vulnerability

A vulnerability exists in the Linux kernel's libie firmware logging management. The issue arises in versions prior to 6.17.0-rc7, where the libie_fwlog_deinit() function can be invoked during the uninstallation of the ixgbe driver, even if firmware logging was never correctly initialized. This improper handling can lead to a system crash, as indicated by a call trace showing an 'Oops' error. The vulnerability can be reproduced by unloading the ixgbe driver in recovery mode.

Impact

The vulnerability causes a system crash by triggering an 'Oops' error, which is a common indication of a problem in the Linux kernel that can lead to instability or a denial of service.

Reproduction

To reproduce this vulnerability, attempt to unload the ixgbe network driver while in recovery mode. The libie_fwlog_deinit() function will be called, leading to a system crash because firmware logging was not properly initialized.

Remediation

The vulnerability has been addressed in the Linux kernel stable tree. Users should upgrade to the latest version.