Linux Kernel NVDIMM Bus Use-After-Free Vulnerability in Asynchronous Initialization

A use-after-free vulnerability has been identified in the Linux kernel's NVDIMM bus driver, specifically in the asynchronous device registration process. This issue arises when the 'device_add()' function fails, causing the reference count of the device to drop to zero before the parent device pointer can be accessed. As a result, the parent pointer is left dangling, leading to a use-after-free condition. The vulnerability affects several versions of the Linux kernel.

Impact

Exploitation of this vulnerability can lead to a use-after-free condition, which may be exploited to execute arbitrary code or cause a denial-of-service condition by crashing the system.

Reproduction

The vulnerability can be reproduced by registering a device asynchronously on the NVDIMM bus and simulating a failure in the 'device_add()' function. This can be done by causing an allocation failure, which will drop the reference count of the device before the parent pointer is accessed, creating a use-after-free situation.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been fixed. Instructions for downloading the latest kernel version can be found on the official Linux kernel website.