Linux Kernel IPv6 Lockdep Splat Vulnerability

Vulnerability

A vulnerability in the Linux kernel's IPv6 handling has been addressed. The issue involved improper use of RCU (Read-Copy-Update) references in the 'in6_dump_addrs' function, which led to a lockdep splat. This misuse of RCU could cause synchronization issues, as reported by syzbot. The vulnerability was present in the 5.19.0-rc2-syzkaller version of the Linux kernel.

Impact

Exploiting this vulnerability triggers a lockdep splat, which indicates a potential problem with lock management and RCU usage. That underlying problem could be exploited to cause a deadlock or other synchronization problems.

Reproduction

The vulnerability can be reproduced by sending a Netlink message that triggers the 'in6_dump_addrs' function in the IPv6 address configuration module. This can be done using a tool like 'syzkaller', which is designed to fuzz the Linux kernel and can generate the conditions needed to expose the vulnerability.
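
For triage, the splat can be located in kernel logs collected from a lockdep-enabled build. The Python below is an added example, not code from the original page or from the kernel project: it splits a log into "suspicious RCU usage" reports and keeps those whose backtrace contains in6_dump_addrs. The sample log (including its source line numbers and offsets) and the helper name find_rcu_splats are constructed for illustration.

```python
import re

HEADER = "WARNING: suspicious RCU usage"        # banner lockdep prints for RCU misuse
TS = re.compile(r"^\[\s*\d+\.\d+\]\s?")         # optional dmesg timestamp prefix
SITE = re.compile(r"^(\S+):(\d+) suspicious (\w+)\(\) usage!")
FRAME = re.compile(r"^\s*\??\s*([A-Za-z_][\w.]*)\+0x[0-9a-f]+/0x[0-9a-f]+")

# Constructed sample log: line numbers, offsets and the second report are made up.
SAMPLE_LOG = """\
[   42.100001] =============================
[   42.100002] WARNING: suspicious RCU usage
[   42.100003] 5.19.0-rc2-syzkaller #0 Not tainted
[   42.100004] -----------------------------
[   42.100005] net/ipv6/addrconf.c:1234 suspicious rcu_dereference_check() usage!
[   42.100006] Call Trace:
[   42.100007]  <TASK>
[   42.100008]  dump_stack_lvl+0xcd/0x134
[   42.100009]  in6_dump_addrs+0x100/0x200
[   42.100010]  netlink_dump+0x300/0x400
[   50.000001] =============================
[   50.000002] WARNING: suspicious RCU usage
[   50.000003] 5.19.0-rc2-syzkaller #0 Not tainted
[   50.000004] -----------------------------
[   50.000005] kernel/example.c:99 suspicious rcu_dereference_check() usage!
[   50.000006] Call Trace:
[   50.000007]  example_fn+0x10/0x20
"""


def find_rcu_splats(log_text, function="in6_dump_addrs"):
    """Return one dict per RCU splat whose backtrace contains `function`."""
    lines = [TS.sub("", line) for line in log_text.splitlines()]
    starts = [i for i, line in enumerate(lines) if line.strip() == HEADER]
    reports = []
    for n, start in enumerate(starts):
        # A report runs from its banner to the next banner (or end of log).
        end = starts[n + 1] if n + 1 < len(starts) else len(lines)
        block = lines[start:end]
        site = next((m for m in map(SITE.match, block) if m), None)
        frames = [m.group(1) for m in map(FRAME.match, block) if m]
        if function not in frames:
            continue
        # The line right after the banner starts with the kernel release string.
        kernel = block[1].split()[0] if len(block) > 1 and block[1].strip() else None
        reports.append({"kernel": kernel,
                        "site": f"{site.group(1)}:{site.group(2)}" if site else None,
                        "accessor": site.group(3) if site else None,
                        "frames": frames})
    return reports
```

Calling find_rcu_splats(SAMPLE_LOG) returns only the first report; the second is skipped because in6_dump_addrs is not in its backtrace.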

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 4.3
remediation: 0.0
relevance: 0.0
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.