Linux Kernel DCB Attribute Parsing Vulnerability in the BCN Configuration

Vulnerability

A vulnerability exists in the Linux kernel's Data Center Bridging (DCB) subsystem, specifically within the function that handles the BCN (Broadcast and Congestion Notification) attributes. The issue arises because the function uses an incorrect policy to parse the BCN attributes, which can lead to improper handling of data and potential overflow issues. This vulnerability affects several versions of the Linux kernel.

Impact

The vulnerability could cause a data parsing error, where the DCB BCN attributes are not processed correctly, potentially leading to a buffer overflow situation.

Reproduction

To reproduce this vulnerability, the DCB subsystem must be configured to use the BCN attributes. Once this is set up, the 'dcbnl_bcn_setcfg' function can be called with a nested attribute that includes the 'DCB_ATTR_BCN' TLV. The function then parses the nested attributes using the 'dcbnl_pfc_up_nest' policy instead of the correct 'dcbnl_bcn_nest' policy, demonstrating the vulnerability.
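
Why the choice of parsing policy matters, shown as an added example that is neither kernel code nor part of the original advisory: a simplified userspace model in C of policy-driven attribute validation. The attribute numbers, the m_-prefixed tables and the premise that the consumer reads one BCN field as a 32-bit value are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified userspace model of policy-driven TLV validation (not kernel code).
 * Attribute numbers and names below are constructed for this example. */
enum kind { K_UNSPEC = 0, K_U8, K_U32 };
struct tlv { uint16_t type; uint16_t len; };   /* len = payload bytes */

enum { M_PFC_UP_MAX = 8 };                     /* model PFC table: types 1..8 */
enum { M_BCN_ALPHA = 9, M_BCN_MAX = 9 };       /* model BCN table: types 1..9 */

/* Model of the per-priority policy: every entry is a one-byte value. */
static const enum kind m_pfc_up_policy[M_PFC_UP_MAX + 1] = {
    [1] = K_U8, [2] = K_U8, [3] = K_U8, [4] = K_U8,
    [5] = K_U8, [6] = K_U8, [7] = K_U8, [8] = K_U8,
};
/* Model of the BCN policy: same one-byte entries, plus a 32-bit field. */
static const enum kind m_bcn_policy[M_BCN_MAX + 1] = {
    [1] = K_U8, [2] = K_U8, [3] = K_U8, [4] = K_U8,
    [5] = K_U8, [6] = K_U8, [7] = K_U8, [8] = K_U8,
    [M_BCN_ALPHA] = K_U32,
};

/* Return 1 if the attribute passes the policy, 0 if it is rejected. A type with
 * no entry in the supplied table is left unvalidated; no read past the table. */
static int policy_accepts(const enum kind *policy, size_t entries, const struct tlv *a)
{
    enum kind k = (size_t)a->type < entries ? policy[a->type] : K_UNSPEC;
    if (k == K_U8)  return a->len >= sizeof(uint8_t);
    if (k == K_U32) return a->len >= sizeof(uint32_t);
    return 1;
}
/* Bytes the consumer reads beyond the payload when it treats the
 * attribute as a u32 (0 means the read stays in bounds). */
static size_t u32_overread(const struct tlv *a)
{
    return a->len >= sizeof(uint32_t) ? 0 : sizeof(uint32_t) - a->len;
}

int main(void)
{
    struct tlv short_alpha = { M_BCN_ALPHA, 1 };   /* constructed input */
    printf("wrong=%d correct=%d over-read=%zu\n",
           policy_accepts(m_pfc_up_policy, M_PFC_UP_MAX + 1, &short_alpha),
           policy_accepts(m_bcn_policy, M_BCN_MAX + 1, &short_alpha),
           u32_overread(&short_alpha));
    return 0;
}
```

In this model the one-byte attribute passes the wrong table and is rejected by the correct one, which is the length check the consumer relies on before reading the field.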

Remediation

Users can update to the latest version of the Linux kernel where this vulnerability has been fixed. Instructions for downloading the patched version are available on the official Linux kernel website.

Added: Sep 18, 2025, 3:30 PM
Updated: Sep 18, 2025, 3:30 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 4.3
remediation: 7.7
relevance: 0.5
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.