Linux Kernel DSA Driver RCU Vulnerability with VLAN-aware MAC Addresses

Vulnerability

A vulnerability in the Linux kernel's DSA (Distributed Switch Architecture) implementation can lead to improper handling of VLAN-aware MAC addresses. This issue arises when the felix driver, which manages unicast and multicast filtering, is used as a master for another DSA switch. The problem manifests as a warning about suspicious RCU (Read-Copy-Update) usage, indicating that the VLAN processing is not properly synchronized, potentially allowing concurrent access issues. The vulnerability affects several versions of the Linux kernel.

Impact

The vulnerability can cause concurrent access problems in the VLAN management system, leading to potential data corruption or inconsistent behavior when handling VLAN-aware traffic.

Reproduction

To reproduce this vulnerability, use the felix driver as a DSA master for another DSA switch. When the downstream switch ports join a VLAN-aware bridge, the improper RCU usage will trigger a warning stack trace, indicating that the VLAN processing is not correctly synchronized.
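The warning described above can be checked for in collected kernel logs. The following triage script is an added example, not code from the kernel or from this advisory; the sample log, its file paths and its function names are constructed placeholders, and matching frames on the substrings "dsa" and "vlan" is an assumption about what a relevant call trace contains.

```python
import re

# Constructed kernel log excerpt (placeholder paths and symbols, not from a
# real system): one RCU splat through DSA/VLAN-named frames, one unrelated.
SAMPLE_LOG = """\
[   45.000001] =============================
[   45.000002] WARNING: suspicious RCU usage
[   45.000003] -----------------------------
[   45.000004] net/example/placeholder_a.c:10 suspicious rcu_dereference_check() usage!
[   45.000005] Call trace:
[   45.000006]  lockdep_rcu_suspicious+0x10/0x20
[   45.000007]  example_vlan_walk+0x10/0x20
[   45.000008]  example_dsa_sync_addr+0x10/0x20
[   45.000009] example0: link up
[   90.000001] WARNING: suspicious RCU usage
[   90.000002] fs/example/placeholder_b.c:20 suspicious rcu_dereference_check() usage!
[   90.000003] Call trace:
[   90.000004]  lockdep_rcu_suspicious+0x10/0x20
[   90.000005]  example_fs_lookup+0x10/0x20
"""

STAMP = re.compile(r"^\[\s*\d+\.\d+\]\s?")  # dmesg timestamp prefix
WHERE = re.compile(r"^(\S+:\d+) suspicious \w+\(\) usage!")
FRAME = re.compile(r"^\s*(?:\? )?([A-Za-z_][\w.]*)\+0x[0-9a-f]+/0x[0-9a-f]+")
HINTS = ("dsa", "vlan")  # assumption: substrings that mark relevant frames

def find_rcu_splats(log_text):
    """Return one dict per lockdep 'suspicious RCU usage' report."""
    splats, cur = [], None
    for raw in log_text.splitlines():
        line = STAMP.sub("", raw)
        if "WARNING: suspicious RCU usage" in line:
            cur = {"where": None, "frames": []}
            splats.append(cur)
            continue
        if cur is None:
            continue
        where, frame = WHERE.match(line), FRAME.match(line)
        if where:
            cur["where"] = where.group(1)    # file:line that tripped the check
        elif frame:
            cur["frames"].append(frame.group(1))
        elif cur["frames"]:
            cur = None                       # call trace ended, close the report
    for s in splats:
        s["dsa_vlan_path"] = any(h in f for f in s["frames"] for h in HINTS)
    return splats
```

The warning is only emitted by kernels built with lockdep's RCU checking (CONFIG_PROVE_RCU), so an empty result on a production kernel does not show that the system is unaffected.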

Remediation

The vulnerability has been addressed in the Linux kernel. Users should upgrade to the latest kernel version, in which this issue has been fixed.

Added: Dec 24, 2025, 2:36 PM
Updated: Dec 24, 2025, 2:36 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 5.7
remediation: 7.7
relevance: 1.7
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.