Linux Kernel Remoteproc Resource Table Validation Vulnerability

A vulnerability in the Linux kernel's remoteproc subsystem for i.MX processors can lead to a crash by incorrectly reporting the presence of a resource table in the firmware. The issue arises in the 'imx_rproc_elf_find_loaded_rsc_table()' function, which may return a non-NULL resource table pointer even when the current firmware does not include a resource table. This misreporting can cause the remoteproc core to crash, as it interprets the invalid pointer as a valid resource table. The vulnerability affects several versions of the Linux kernel.

Impact

The vulnerability can cause a system crash when firmware without a resource table is loaded, disrupting normal operations and potentially leading to a denial of service.

Reproduction

To reproduce this vulnerability, load a firmware image onto a device that does not include a resource table. Ensure that the device tree contains a 'rsc-table' entry, which will cause the 'imx_rproc_elf_find_loaded_rsc_table()' function to return a non-NULL pointer. The remoteproc core will then interpret this as a valid resource table, leading to a crash when the firmware is executed.

Remediation

The vulnerability has been addressed in the Linux kernel. Users should upgrade to the latest version where this issue has been fixed.