Linux Kernel Conntrack Race Condition Vulnerability in Netfilter

A vulnerability in the Linux kernel's netfilter component, specifically within the connection tracking (conntrack) system, has been addressed. The issue arose from a race condition that allowed the conntrack entry to be improperly managed during insertion. When a conntrack entry clashed, the insertion process could inadvertently free the socket buffer's connection tracking pointer and overwrite it with an already confirmed entry. This vulnerability was not detected earlier because the conntrack entry and the associated extension space were freed only after a Read-Copy-Update (RCU) grace period, creating a timing issue that required events to be enabled for exploitation.

Impact

Exploitation of this vulnerability could lead to a race condition, causing improper management of conntrack entries, which could potentially be exploited to disrupt network traffic or connection tracking processes.