In the Linux kernel, the following vulnerability has been resolved:

regulator: dummy: force synchronous probing

Sometimes I get a NULL pointer dereference at boot time in kobject_get() with the following call stack:

    anatop_regulator_probe()
    devm_regulator_register()
    regulator_register()
    regulator_resolve_supply()
    kobject_get()

By placing some extra BUG_ON() statements I could verify that this is raised because probing of the 'dummy' regulator driver is not completed ('dummy_regulator_rdev' is still NULL).

In the JTAG debugger I can see that dummy_regulator_probe() and anatop_regulator_probe() can be run by different kernel threads (kworker/u4:*). I haven't further investigated whether this can be changed or if there are other possibilities to force synchronization between these two probe routines. On the other hand I don't expect much boot time penalty by probing the 'dummy' regulator synchronously.

No PoCs from references.
- https://github.com/fkie-cad/nvd-json-data-feeds