Linux Kernel bgmac Driver Vulnerability Leading to Kernel Panic

A vulnerability in the Linux kernel's bgmac network driver can cause a kernel panic by triggering a 'BUG' condition. This issue arises when a receive interrupt occurs between updating the transmission queue and acknowledging the sent data, causing a miscalculation of the queue size. The vulnerability has been observed in a real-time (RT) kernel environment, but it is likely present in the mainline kernel as well.

Impact

Exploitation of this vulnerability causes a kernel panic, disrupting all processes and potentially leading to a system crash.

Reproduction

The vulnerability can be reproduced by inducing a receive interrupt in the bgmac driver while the transmission queue is being updated. This can be done by generating network traffic that interrupts the normal processing of the transmission queue, causing the driver to miscalculate the queue size and trigger the 'BUG' condition.