Linux Kernel ixgbevf Hyper-V NULL Pointer Dereference Vulnerability

A vulnerability in the Linux kernel's ixgbevf driver for Intel Ethernet Virtual Function (VF) can lead to a NULL pointer dereference on Hyper-V virtual machines. This issue arises because the .negotiate_features callback was not properly assigned in the Hyper-V operations table, leaving the function pointer NULL. When the driver is probed, it attempts to call the negotiate_features function, which results in a kernel NULL pointer dereference. This vulnerability affects the Linux kernel ixgbevf driver on Hyper-V VMs.

Impact

Exploitation of this vulnerability causes a kernel NULL pointer dereference, leading to a crash of the affected system or process.

Reproduction

The vulnerability can be reproduced by loading the ixgbevf driver on a Hyper-V virtual machine. During the driver's initialization process, the missing negotiate_features callback will be noticed, causing a NULL pointer dereference. This can be observed in the system logs, where a kernel NULL pointer dereference error will be reported, along with a call trace indicating the source of the error in the ixgbevf driver.

Remediation

The vulnerability has been addressed in the Linux kernel. Users can upgrade to the latest version of the stable Linux kernel to apply the fix.