Hi, I am a security researcher, my name is Dongyang Zhan. I found a potential bug. I hope you can help me to confirm it. Thank you. In Linux 4.10.17, function con_init() in /drivers/tty/vt/vt.c forgets to handle the failure of the memory allocation operation (e.g., vc_cons[currcons].d = vc = kzalloc(sizeof(struct vc_data), GFP_NOWAIT)). Source code and comments; vc_cons[currcons].d = vc = kzalloc(sizeof(struct vc_data), GFP_NOWAIT); INIT_WORK(&vc_cons[currcons].SAK_work, vc_SAK); tty_port_init(&vc->port); visual_init(vc, currcons, 1); vc->vc_screenbuf = kzalloc(vc->vc_screenbuf_size, GFP_NOWAIT); vc_init(vc, vc->vc_rows, vc->vc_cols, currcons || !vc->vc_sw->con_save_screen); If the allocation fails, dereferencing vc will cause a null pointer dereference.
