Linux Kernel RCU-Safe List Vulnerability in Device Mapper Thin Provisioning

A vulnerability in the Linux kernel's device mapper thin provisioning module can lead to a general protection fault. This issue arises from the improper use of RCU (Read-Copy-Update) safe list functions, which can cause a thread to access an invalid list entry. The problem occurs when 'list_empty()' sees a valid entry, but 'list_first()' retrieves a different view of the list head after a modification, leading to a crash. The vulnerability has been addressed by changing the list handling to a safer method that reduces the risk of such errors.

Impact

Exploitation of this vulnerability causes a general protection fault, leading to a crash of the affected system.

Reproduction

The vulnerability can be reproduced by using the device mapper test suite's thin-provisioning tests for delete and suspend operations. This will trigger the faulty list handling under RCU synchronization, causing a crash.

Remediation

The vulnerability has been fixed in the official Linux kernel repository. Users should upgrade to the latest version.