CVE-2026-31439 Linux内核XDMA驱动错误处理漏洞

/* * PoC Concept: Triggering the vulnerable code path. * This requires a system with the vulnerable kernel and Xilinx hardware/device present. * The bug is in the probe/init function. If regmap init fails, * the kernel crashes due to the NULL check bug. */ #include <stdio.h> #include <fcntl.h> #include <unistd.h> #include <sys/ioctl.h> #define DEVICE_PATH "/dev/xdma" int main() { int fd = open(DEVICE_PATH, O_RDWR); if (fd < 0) { perror("Failed to open device"); return 1; } // Attempting to interact with the device might trigger initialization // if it wasn't already fully initialized, or simply accessing it. // The crash happens during the driver's internal error handling path. printf("Interacting with %s...\n", DEVICE_PATH); // In a real scenario, specific hardware conditions causing // devm_regmap_init_mmio to fail are needed to trigger the bug. // e.g. memory exhaustion or specific hardware fault. close(fd); return 0; }