
Liequan Che

#45680 of 53,632
5.5 Total CVSS
Vulnerabilities · 1
PT-2025-2816
5.5
2024-12-02
Linux · Linux Kernel · CVE-2024-48881
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.74

Description: A vulnerability in the Linux kernel has been resolved. The issue is related to a NULL pointer dereference in the `cache_set_flush()` function. This occurs when the previous registration code fails before allocating `c->root`, making it possible for `c->root` to be NULL. The `__bch_btree_node_alloc()` function never returns NULL, but `c->root` can be NULL at the line where the check is performed. The patch replaces `IS_ERR()` with `IS_ERR_OR_NULL()` to fix this issue.

Recommendations: For Linux kernel versions prior to 6.6.74, update to version 6.6.74 or later to resolve the issue. As a temporary workaround, consider disabling the `cache_set_flush()` function until a patch is available. Restrict access to the vulnerable `bcache` module to minimize the risk of exploitation. Avoid using the `c->root` variable in the affected `cache_set_flush()` function until the issue is resolved.