Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*
A vulnerability in the Linux kernel's RDS (Reliable Datagram Sockets) over TCP implementation has been addressed. A recent commit introduced a work cancellation function into a section protected by a socket lock. That change overlooked the fact that the work transmission function can itself take the socket lock, which leads to potential lock dependency warnings. The root cause was unnecessary lock management during work cancellation, which could disrupt the normal operation of the RDS TCP data handling functions.
The vulnerability could lead to improper lock management, causing potential deadlocks or other synchronization issues in the RDS TCP implementation.
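The locking pattern described above, as an added userspace model using pthreads; it is not kernel code and not the actual patch. All names (`sock_lock`, `xmit_work`, `cancel_sync`) are hypothetical, and the reordered variant is an assumption about one way to avoid the dependency.

```c
#include <pthread.h>
#include <stdio.h>

/* Stands in for the socket lock (hypothetical name, userspace model). */
static pthread_mutex_t sock_lock = PTHREAD_MUTEX_INITIALIZER;

/* Models the transmit work item, which needs the socket lock.
 * trylock is used so the model reports the blocked state instead of hanging. */
static void *xmit_work(void *arg)
{
    int *got_lock = arg;

    if (pthread_mutex_trylock(&sock_lock) == 0) {
        *got_lock = 1;                  /* work ran to completion */
        pthread_mutex_unlock(&sock_lock);
    } else {
        *got_lock = 0;                  /* a blocking lock would wait here */
    }
    return NULL;
}

/* Models a synchronous cancel: wait for the work item to finish.
 * Returns 1 if the work got the lock, 0 if it was blocked, -1 on thread error. */
static int cancel_sync(int hold_lock)
{
    pthread_t t;
    int got_lock = -1;

    if (hold_lock)
        pthread_mutex_lock(&sock_lock); /* problem pattern: wait under the lock */
    if (pthread_create(&t, NULL, xmit_work, &got_lock) == 0)
        pthread_join(t, NULL);          /* wait for the work to finish */
    if (!hold_lock)
        pthread_mutex_lock(&sock_lock); /* reordered: lock only after the wait */
    /* lock-protected teardown would go here */
    pthread_mutex_unlock(&sock_lock);
    return got_lock;
}

int cancel_under_lock(void)  { return cancel_sync(1); }
int cancel_before_lock(void) { return cancel_sync(0); }

int main(void)
{
    printf("cancel under lock:  work got lock = %d\n", cancel_under_lock());
    printf("cancel before lock: work got lock = %d\n", cancel_before_lock());
    return 0;
}
```

With a blocking lock in place of `pthread_mutex_trylock`, the first variant would never return: the waiter holds the lock the work item needs, and the work item cannot finish until it gets it.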
The vulnerability can be reproduced by applying the problematic commit to a Linux kernel version that includes the RDS TCP implementation. After applying the commit, the lock dependency warning can be triggered, indicating the presence of the vulnerability.
Users can upgrade to the patched version of the Linux kernel where this vulnerability has been addressed.