Linux Kernel Deadlock Vulnerability in VLAN Flag Propagation

A deadlock vulnerability has been identified in the Linux kernel related to VLAN flag propagation. When the device instance lock is held, propagating VLAN flags during the 'ndo_open' operation can lead to a deadlock. This issue arises because the 'ip' command can inadvertently cause recursive locking by first acquiring the device lock and then attempting to acquire it again, creating a deadlock scenario. The vulnerability is present in Linux kernel version 6.14.0-rc5-01215-g032756b4ca7a-dirty.

Impact

Exploitation of this vulnerability can lead to a deadlock condition, causing the system to hang or become unresponsive.

Reproduction

The vulnerability can be reproduced by creating a new netdevsim device and then adding a VLAN device on top of it. When the VLAN device is brought up, it propagates its 'allmulti' flag to the underlying device, which can cause a deadlock by recursively locking the device instance lock.