Linux Kernel Ice Driver NULL Pointer Dereference Vulnerability in Ethtool Loopback Test

A vulnerability in the Linux kernel's Ice Ethernet driver has been fixed, addressing a crash that occurred during the ethtool offline loopback test. This crash was caused by a NULL pointer dereference in the 'ice_alloc_rx_bufs' function, leading to a kernel panic. The issue arose after the Ice driver was updated to use a page pool, which introduced a regression in the loopback test. The problem was that the receive (RX) ring for loopback virtual functions (VFs) was not properly initialized, causing the test to fail. The vulnerability affected Linux kernel versions prior to 6.19.0-0.rc7.260128g1f97d9dcf5364.49.eln154.x86_64.

Impact

The vulnerability could lead to a kernel crash due to a NULL pointer dereference, disrupting system operations and potentially causing a denial of service.

Reproduction

The vulnerability can be reproduced by running the ethtool offline loopback test on a network device using the Ice driver in a Linux kernel version prior to the fix. The test will crash the kernel, causing a NULL pointer dereference error.

Remediation

Users can upgrade to the latest version of the Linux kernel to address this vulnerability.