Linux Kernel SMC Unprotected Link Addition Vulnerability Leading to Denial-of-Service

A denial-of-service vulnerability has been identified in the Linux kernel's SMC (Shared Memory Communication) implementation. The issue arises in the 'net/smc' component, where the 'smc_llc_srv_add_link()' function lacks proper synchronization. This flaw can be exploited when a server attempts to establish a second link, potentially causing a kernel panic. The vulnerability affects several versions of the Linux kernel.

Impact

Exploitation of this vulnerability can lead to a kernel panic, causing a denial-of-service condition by crashing the system and interrupting normal operations.

Reproduction

The vulnerability can be reproduced by configuring an SMC server to establish multiple links. The server's attempt to add a second link will trigger the unprotected 'smc_llc_srv_add_link()' function, leading to a kernel panic.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been addressed. Instructions for downloading the patched version are available on the Linux kernel's official website.