Linux Kernel SMC Protocol Deadlock Vulnerability via Improper Message Length Validation

Vulnerability

A vulnerability in the Linux kernel's implementation of the SMC (Shared Memory Communication) protocol can lead to a deadlock condition. This issue arises because the length of messages received over the network can be manipulated, allowing values to exceed the buffer length expected by the kernel. When this happens, the kernel may enter a dead loop while trying to process the excess data, effectively causing a denial-of-service condition. The vulnerability has been addressed by adding a check on the return value of the message-receiving function, preventing the deadlock scenario.

Impact

Exploitation of this vulnerability can cause a deadlock situation, where the system gets stuck processing network data, leading to a denial-of-service condition.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel SMC Protocol Deadlock Vulnerability via Improper Message Length Validation

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating