Linux Kernel AX.25 Circular Locking Dependency Vulnerability

A locking issue has been identified in the Linux kernel's AX.25 protocol implementation, specifically in versions prior to 6.13.0. The problem arises from a circular locking dependency that can lead to a deadlock situation. The issue is related to the RTNL (Routing Netlink) mutex and the socket lock for AX.25, where improper handling of lock acquisition can cause tasks to become stuck, waiting for locks that are held by themselves.

Impact

Exploitation of this vulnerability can lead to a deadlock, where a process is stuck waiting for a lock that it holds, causing a halt in execution and potentially leading to a denial of service condition.

Reproduction

The vulnerability can be reproduced by creating a scenario where the AX.25 socket options are set while holding the AX.25 socket lock. This can be done by triggering AX.25 device events that require notification while simultaneously attempting to acquire the RTNL mutex, creating a circular dependency that the lock management system cannot resolve.

Remediation

Users can upgrade to Linux kernel versions 6.13.0 or later, where this vulnerability has been addressed.