Linux Kernel PTP Support Check Vulnerability in IXP4XX Ethernet Driver

A vulnerability in the Linux kernel's handling of Precision Time Protocol (PTP) support for certain Ethernet devices can lead to a null pointer dereference and a subsequent segmentation fault. This issue occurs in the IXP4XX Ethernet driver when the PTP feature is queried for devices that do not support it, specifically on platforms other than IXP46X. The vulnerability has been addressed by modifying the driver to check for PTP support before attempting to use the feature, thereby preventing the null pointer dereference.

Impact

Exploitation of this vulnerability causes a kernel panic due to a null pointer dereference, which can lead to a denial of service by crashing the system.

Reproduction

The vulnerability can be reproduced by using the 'tcpdump' command to capture network traffic on an affected device with an IXP4XX Ethernet interface. The command will trigger the PTP support check, leading to a null pointer dereference and a segmentation fault, causing the kernel to crash.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been fixed. Instructions for downloading the patched version are available on the official Linux kernel website.