Linux Kernel veth Component Use-After-Free Vulnerability in XDP_REDIRECT

A use-after-free vulnerability has been identified in the veth component of the Linux kernel, specifically within the context of the XDP_REDIRECT feature. This issue arises from a bug introduced by a recent commit, which improperly handled socket buffer (skb) headroom. When the headroom was insufficient, the kernel attempted to allocate additional space using a method that could lead to the skb being freed while still in use by AF_XDP, creating a race condition. The vulnerability has been confirmed with a KASAN (Kernel Address Sanitizer) report, indicating a bad memory access after the skb was freed, which could be exploited to cause memory corruption or potentially execute arbitrary code.

Impact

Exploitation of this vulnerability leads to a use-after-free condition, allowing for memory corruption. Such conditions can often be exploited to execute arbitrary code in the context of the kernel.