Linux Kernel CPU Port Reset Vulnerability on MTU Change in QCA8K Switches

A vulnerability in the Linux kernel's handling of QCA8K switches can lead to a denial-of-service condition. When the MAX_FRAME_SIZE is altered while the CPU port is active, the switch can panic and stop forwarding packets. This disruption causes the management Ethernet system to fail to receive packets, although a slow fallback still operates, leaving the device unreachable. Recovery requires a switch reset. To avoid this issue, CPU ports should be disabled before changing the MAX_FRAME_SIZE and reactivated afterward.

Impact

Changing the MAX_FRAME_SIZE while the CPU port is active can cause the switch to panic, halt packet transmission, and disrupt management Ethernet communication, making the device unreachable until a switch reset is performed.

Remediation

To prevent this vulnerability, ensure that CPU ports are turned off before modifying the MAX_FRAME_SIZE. After the change is applied, the CPU ports can be turned on again.