Linux Kernel Null Pointer Dereference Vulnerability in DRM Panel JDI

A null pointer dereference vulnerability has been identified in the Linux kernel's handling of certain display panels. Specifically, in the function 'jdi_panel_dsi_remove()', there is a check for a 'jdi' pointer that may be NULL. If 'jdi' is NULL, the function detaches the MIPI DSI device but does not return, instead proceeding to disable the panel by calling 'jdi_panel_disable()'. This latter function unconditionally dereferences 'jdi', leading to a potential null pointer dereference. The vulnerability has been addressed by modifying 'jdi_panel_dsi_remove()' to return early when 'jdi' is NULL, preventing the unsafe dereference.

Impact

Exploitation of this vulnerability can lead to a null pointer dereference, causing a crash or undefined behavior in the kernel.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been fixed. Instructions for downloading the patched version are available on the official Linux kernel website.