Linux Kernel GPIO Reset Controller Bind Attribute Suppression Vulnerability

A vulnerability exists in the Linux kernel's GPIO-based reset controller, where the sysfs bind attributes are not properly managed. This issue can lead to a use-after-free error, causing a kernel crash. The vulnerability arises because the reset device, which is dynamically created and intended to remain in memory indefinitely, lacks a proper connection to its reset consumer. As a result, user-space can inadvertently unbind the device, triggering the use-after-free condition.

Impact

Exploitation of this vulnerability causes a use-after-free error, leading to a kernel crash.

Reproduction

The vulnerability can be reproduced by creating a GPIO-based reset controller without properly managing the sysfs bind attributes. This can be done by dynamically adding a reset device and allowing user-space to unbind it, which will cause a use-after-free error when the reset control handle is released.

Remediation

The vulnerability has been addressed by adding a suppression for the bind attributes in the sysfs, preventing user-space from unbinding the reset device. Users should update to the latest version of the Linux kernel where this fix has been applied.