Linux Kernel rtnetlink Message Size Vulnerability for Virtual Function GUIDs

A vulnerability in the Linux kernel's rtnetlink implementation can lead to a kernel warning when handling netlink messages that include multiple Virtual Function (VF) port and node GUIDs. This issue arises because the message size allocation does not account for the GUIDs when they are included in the netlink ifinfomessages, following the addition of VF GUID support. As a result, netlink messages can become too large to process, causing errors when attempting to send link requests.

Impact

The vulnerability can cause a denial-of-service condition by generating a 'Message too long' error when netlink messages exceed the allowable size, disrupting normal network operations.

Reproduction

The vulnerability can be reproduced by enabling Single Root I/O Virtualization (SR-IOV) on a network interface and then using the 'ip link' command to request link information. The 'sriov_numvfs' file can be used to allocate virtual functions, and when the 'ip link' command is executed, the kernel will respond with a 'Message too long' error, indicating that the netlink message size was not properly managed.