Linux Kernel Use-After-Free Vulnerability in igb Driver XDP Mode

A use-after-free vulnerability has been identified in the Linux kernel's igb network driver, specifically in the igb_clean_tx_ring function. This issue arises when the network interface card (NIC) is operating in eXpress Data Path (XDP) mode. The vulnerability can be exploited by redirecting traffic into the igb NIC and then closing the device while the traffic is still being processed, leading to potential memory corruption.

Impact

Exploitation of this vulnerability causes a use-after-free condition, which can lead to memory corruption and potentially allow for arbitrary code execution.

Reproduction

To reproduce this vulnerability, first ensure that the system is running a version of the Linux kernel that includes the vulnerable igb driver. Redirect traffic into the igb NIC while it is active. While the traffic is still flowing, close the network device. This sequence of actions will trigger the use-after-free vulnerability by disrupting the normal management of memory references in the driver.

Remediation

Users can upgrade to a patched version of the Linux kernel that addresses this vulnerability. Consult the official Linux kernel repository or distribution channels for the latest updates.