Linux Kernel Bcache Btree Cache Wait List Corruption Vulnerability

A list corruption vulnerability has been identified in the Linux kernel's bcache component, specifically within the btree management. This issue can lead to a kernel crash, with error messages indicating a 'list_add corruption' problem. The corruption occurs because the linked list structure, which is crucial for managing the btree operations, becomes damaged. This vulnerability affects the Linux kernel stable tree.

Impact

Exploitation of this vulnerability causes a kernel crash due to list management corruption, disrupting normal system operations and potentially leading to a denial of service.

Reproduction

The vulnerability can be reproduced by initiating a multithreaded operation that involves the bcache btree management. During this process, one thread may 'cannibalize' btree nodes, which can inadvertently damage the btree_cache_wait list if proper synchronization is not maintained. This can be observed by monitoring the system for crashes related to list management errors, indicating that the btree_cache_wait list has been compromised.

Remediation

Users can upgrade to the latest patched version of the Linux kernel stable tree to address this vulnerability.