Linux Kernel Bonding Driver IFF_SLAVE Flag Restoration Vulnerability

Vulnerability

A vulnerability exists in the Linux kernel bonding driver related to the incorrect handling of the IFF_SLAVE flag when enslaving non-Ethernet devices. If a non-Ethernet device is enslaved to a bond that is already a slave, and the operation fails, the bonding device's flags are improperly cleared. This issue can be reproduced by creating a bonding interface, enslaving a non-Ethernet device, and then observing the removal of the IFF_SLAVE flag, which can lead to warnings when attempting to delete the bond.

Impact

The vulnerability can cause incorrect network device flag management, leading to operational issues with network bonding interfaces.

Reproduction

To reproduce this vulnerability, add an nlmon device and two bonding interfaces. Set one bonding interface as a master of the second, then attempt to enslave the nlmon device to the first bonding interface. This operation will fail, but the bonding interface will lose its IFF_SLAVE flag, causing issues when trying to manage the bond afterwards.
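To check a host for the inconsistent state described above (an interface still enslaved to a bond but missing IFF_SLAVE), the following is an added example, not part of the kernel fix or the original advisory. It assumes the usual sysfs layout (a `flags` file, a `master` symlink on enslaved devices, a `bonding` directory on bond devices); the function names and the sample tree are constructed for illustration.

```shell
#!/bin/sh
# Added example: list interfaces enslaved to a bond whose flags lack IFF_SLAVE.
IFF_SLAVE=0x800   # 1 << 11 in include/uapi/linux/if.h

# find_unflagged_slaves [DIR]: DIR defaults to /sys/class/net. Prints one name
# per affected interface and returns 1 if any were found, 0 otherwise.
find_unflagged_slaves() {
    net_dir=${1:-/sys/class/net}
    found=0
    for dev in "$net_dir"/*; do
        [ -d "$dev" ] || continue              # skips the bonding_masters file
        [ -L "$dev/master" ] || continue       # not enslaved to anything
        master=$(basename "$(readlink "$dev/master")")
        [ -d "$net_dir/$master/bonding" ] || continue   # master is not a bond
        flags=$(cat "$dev/flags" 2>/dev/null) || continue
        hex=${flags#0x}
        case $hex in ''|*[!0-9a-fA-F]*) continue ;; esac   # accept only hex digits
        if [ $(( 0x$hex & $IFF_SLAVE )) -eq 0 ]; then
            echo "${dev##*/}"
            found=1
        fi
    done
    return $found
}

# build_sample_tree DIR: constructed fixture, not captured from a real host.
# bond1 is still linked to master bond2 but its flags word has lost 0x800.
build_sample_tree() {
    mkdir -p "$1/bond1/bonding" "$1/bond2/bonding" "$1/eth0"
    ln -s ../bond2 "$1/bond1/master"; echo 0x1002 > "$1/bond1/flags"
    ln -s ../bond2 "$1/eth0/master";  echo 0x1903 > "$1/eth0/flags"   # healthy slave
    echo 0x1403 > "$1/bond2/flags"                                     # top-level master
}

# Demonstration on the constructed tree; prints "bond1" and a note on stderr.
demo=$(mktemp -d)
build_sample_tree "$demo"
find_unflagged_slaves "$demo" || echo "bond slave without IFF_SLAVE found" >&2
rm -rf "$demo"
```

Call `find_unflagged_slaves` with no argument to scan the live `/sys/class/net`.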

Remediation

The vulnerability has been addressed in the Linux kernel by restoring the IFF_SLAVE flag correctly when such a failure occurs.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 2.5
exploitability: 4.3
remediation: 0.0
relevance: 0.0
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.