Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
In the Linux kernel, the following vulnerability has been resolved:Revert "xsk: Support redirect to any socket bound to the same umem"This reverts commit 2863d665ea41282379f108e4da6c8a2366ba66db.This patch introduced a potential kernel crash when multiple napi instancesredirect to the same AF_XDP socket. By removing the queue_index check, it ispossible for multiple napi instances to access the Rx ring at the same time,which will result in a corrupted ring state which can lead to a crash whenflushing the rings in __xsk_flush(). This can happen when the linked list ofsockets to flush gets corrupted by concurrent accesses. A quick and small fixis not possible, so let us revert this for now.
No PoCs from references.
- https://github.com/fkie-cad/nvd-json-data-feeds