Linux Kernel rxrpc Locking Vulnerability in sendmsg Implementation

Vulnerability

A locking vulnerability in the sendmsg function of the Linux kernel's rxrpc implementation has been addressed. The issue involved improper locking, which could lead to a warning about a bad unlock balance. This vulnerability was introduced in Linux kernel version 5.16.0-rc6-syzkaller.

Impact

Exploitation of this vulnerability could cause a warning about a bad unlock balance. The warning indicates a mismatch in lock management that could potentially be exploited to disrupt normal operations or cause a deadlock.

Reproduction

The vulnerability can be reproduced by invoking the sendmsg function in the rxrpc context, which will trigger a warning about an improper unlock balance. This indicates that the function is attempting to release a lock that is not currently held, suggesting a flaw in the locking logic that could be exploited.

Added: Jun 18, 2025, 8:41 PM
Updated: Jun 18, 2025, 8:41 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 5.7
remediation: 0.0
relevance: 0.2
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.