Linux Kernel RxRPC and AFS Error Pointer Check Vulnerability

A vulnerability exists in the Linux kernel's RxRPC and AFS components due to an inadequate error pointer check in the 'rxrpc_kernel_lookup_peer()' function. This function can return error pointers, not just NULL, making the current NULL check insufficient. The vulnerability affects the Linux kernel stable tree.

Impact

The vulnerability could lead to improper error handling, potentially causing memory management issues or allowing for unintended behavior in the AFS file system.

Reproduction

The vulnerability can be reproduced by calling the 'rxrpc_kernel_lookup_peer()' function from within the AFS component, specifically in the 'afs_merge_fs_addr4' and 'afs_merge_fs_addr6' functions. The missing error check can be observed by passing an invalid address, which should trigger an error response that is not properly handled.

Remediation

The vulnerability has been addressed by modifying the 'rxrpc_kernel_lookup_peer()' function to return an error code instead of NULL on allocation failures. Callers in the AFS component have been updated to correctly handle these error codes.