Linux Kernel Buffer Length Validation Vulnerability in Netrom Component

Vulnerability

A vulnerability exists in the Linux kernel's Netrom implementation, specifically within the AX.25 protocol handling. Netrom route management does not properly validate the size of a received buffer before processing it. This oversight can lead to the use of uninitialized data, potentially causing unpredictable behavior or information leakage. The vulnerability was identified by the Linux Verification Center using Syzkaller, a fuzzing tool that discovered the issue while sending raw messages through the IEEE 802.15.4 implementation.

Impact

Exploitation of this vulnerability can lead to the use of uninitialized memory, which may cause data corruption or unpredictable behavior in the kernel.

Reproduction

The vulnerability can be reproduced by sending raw messages through a socket using the IEEE 802.15.4 protocol. The Netrom implementation processes these messages without properly checking the buffer size, which leads to the use of uninitialized data in the AX.25 comparison function.

Remediation

Users can upgrade to the latest stable version of the Linux kernel, where this vulnerability has been addressed.
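The class of check whose absence is described above, as an added user-space illustration that is not the kernel's code or the upstream patch: a route header is rejected when it is too short, before any address field reaches the comparison. All names here are hypothetical, and the layout (two 7-byte AX.25 address fields followed by one TTL byte) and the comparison masks are assumptions made for the example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define AX25_ADDR_LEN 7                        /* assumed: 6 callsign bytes + 1 SSID byte */
#define ROUTE_HDR_LEN (2 * AX25_ADDR_LEN + 1)  /* assumed: source, destination, TTL */

struct route_hdr { uint8_t src[AX25_ADDR_LEN], dst[AX25_ADDR_LEN], ttl; };

/* Constructed sample data: a local address and a header addressed to it. */
static const uint8_t LOCAL[AX25_ADDR_LEN] = {0x9C,0x60,0x86,0x82,0x98,0x98,0x00};
static const uint8_t FRAME[ROUTE_HDR_LEN] = {
    0xAE,0x84,0x68,0x94,0x8C,0x92,0x02,         /* source */
    0x9C,0x60,0x86,0x82,0x98,0x98,0x60, 0x07 }; /* destination, then TTL */

/* Hypothetical comparison helper: 0 when callsign and SSID bits match. */
static int addr_cmp(const uint8_t *a, const uint8_t *b)
{
    for (size_t i = 0; i < AX25_ADDR_LEN - 1; i++)
        if ((a[i] & 0xFE) != (b[i] & 0xFE))     /* low bit is not part of the callsign */
            return 1;
    return ((a[6] & 0x1E) != (b[6] & 0x1E)) ? 2 : 0;
}

/* Fills *out and returns 0 only if len covers the whole header; -1 otherwise. */
static int parse_route_hdr(const uint8_t *buf, size_t len, struct route_hdr *out)
{
    if (buf == NULL || out == NULL || len < ROUTE_HDR_LEN)
        return -1;                              /* reject before any field is read */
    memcpy(out->src, buf, AX25_ADDR_LEN);
    memcpy(out->dst, buf + AX25_ADDR_LEN, AX25_ADDR_LEN);
    out->ttl = buf[2 * AX25_ADDR_LEN];
    return 0;
}

/* Returns 1 if the frame is addressed to `local`, 0 if not, -1 if too short. */
static int frame_is_for(const uint8_t *buf, size_t len, const uint8_t *local)
{
    struct route_hdr h;
    if (parse_route_hdr(buf, len, &h) != 0)
        return -1;                              /* comparison never sees a short buffer */
    return addr_cmp(h.dst, local) == 0;
}

int main(void)
{
    printf("full=%d truncated=%d\n", frame_is_for(FRAME, sizeof FRAME, LOCAL),
           frame_is_for(FRAME, 10, LOCAL));
    return 0;
}
```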

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 0.6
exploitability: 5.7
remediation: 0.0
relevance: 0.0
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.