Linux Kernel NULL Dereference Vulnerability in auxdisplay Line-Display Component

Vulnerability

A NULL pointer dereference vulnerability has been identified in the Linux kernel's auxdisplay line-display feature. This issue arises in the linedisp_release() function, which incorrectly retrieves the associated struct linedisp using the to_linedisp() function. The to_linedisp() lookup relies on the attachment list, which may have been cleared before the put_device() function calls the release callback. This scenario can occur during the linedisp_unregister() process or certain error paths in linedisp_register(). When to_linedisp() returns NULL, the linedisp_release() function erroneously dereferences it while attempting to free display resources, leading to a crash. The vulnerability affects the embedded linedisp device structure, which is managed by the linedisp_register() function.
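The ordering problem described above, as an added example that is not the kernel's code: a user-space C model in which a list-based lookup returns NULL once the entry has been detached, while recovering the owner from the embedded device still works. The attach_list array, lookup_attached(), embedded_owner() and release_after_detach() are hypothetical names, and using container_of at release time is an assumed remedy, not one stated on this page.

```c
#include <stddef.h>
#include <stdio.h>

/* Simplified user-space model; struct names follow the advisory, bodies are illustrative. */
#define container_of(ptr, type, member) \
    ((type *)((char *)(ptr) - offsetof(type, member)))

struct device { int refcount; };
struct linedisp { char *buf; struct device dev; };   /* device embedded in linedisp */

#define MAX_ATTACH 4
static struct linedisp *attach_list[MAX_ATTACH];      /* stand-in for the attachment list */

/* List-based lookup: returns NULL once the entry has been detached. */
static struct linedisp *lookup_attached(struct device *dev)
{
    for (int i = 0; i < MAX_ATTACH; i++)
        if (attach_list[i] && &attach_list[i]->dev == dev)
            return attach_list[i];
    return NULL;
}

/* Pointer arithmetic on the embedded member: does not depend on the list. */
static struct linedisp *embedded_owner(struct device *dev)
{
    return container_of(dev, struct linedisp, dev);
}

/* Models unregister ordering: detach first, release-time lookup afterwards.
 * Returns 1 if the release-time lookup finds the owner, 0 if it got NULL. */
int release_after_detach(int use_container_of)
{
    struct linedisp ld = { 0 };
    attach_list[0] = &ld;
    struct linedisp *before = lookup_attached(&ld.dev);
    attach_list[0] = NULL;              /* detach happens before the release callback */
    struct linedisp *at_release = use_container_of
        ? embedded_owner(&ld.dev) : lookup_attached(&ld.dev);
    return before == &ld && at_release == &ld;
}

int main(void)
{
    printf("list lookup at release finds owner:  %d\n", release_after_detach(0));
    printf("container_of at release finds owner: %d\n", release_after_detach(1));
    return 0;
}
```

A release callback that got NULL from the list lookup and then freed fields through it is the crash the advisory describes; the model stops at the lookup result and never dereferences it.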

Impact

Exploitation of this vulnerability causes a NULL pointer dereference, leading to a system crash.

Remediation

Users can upgrade to the latest version of the Linux kernel, where this vulnerability has been addressed. Instructions for downloading the patched version are available on the official Linux kernel website.

Added: May 1, 2026, 4:36 PM
Updated: May 1, 2026, 4:36 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 4.0
remediation: 7.7
relevance: 7.2
threat: 3.2
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.