Linux Kernel PowerPC SMP NULL Pointer Dereference Vulnerability in Thread Group Parsing

A vulnerability has been identified in the Linux kernel's PowerPC architecture, specifically within the symmetric multiprocessing (SMP) handling. The issue arises in the 'parse_thread_groups' function of the 'smp.c' file, where the 'kcalloc' function is used to allocate memory for thread group data. If this memory allocation fails, it can lead to a NULL pointer dereference when the code attempts to read thread group properties from the device tree. This vulnerability affects several versions of the Linux kernel stable tree.

Impact

The vulnerability can lead to a NULL pointer dereference, causing a crash or instability in the system.

Reproduction

The vulnerability can be reproduced by parsing thread groups with multiple properties on a PowerPC system running an affected version of the Linux kernel. The 'parse_thread_groups' function will attempt to allocate memory for the thread group data using 'kcalloc'. If the allocation fails, the function will return an error, but in the vulnerable versions, this failure is not properly checked, leading to a NULL pointer dereference when the code tries to read the thread group properties.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been addressed. The specific commit that resolves this issue is '33c1c6d8a28a2761ac74b0380b2563cf546c2a3a', which is available in the Linux kernel stable tree.