Linux Kernel VXLAN Forwarding Database Data Race Vulnerability

A data race vulnerability has been identified in the Linux kernel's VXLAN implementation, specifically within the Forwarding Database (FDB) entry structure. The 'used' and 'updated' fields can be accessed concurrently by multiple threads, leading to potential inconsistencies. This vulnerability was reported by the Kernel Concurrency Sanitizer, highlighting a data race during the VXLAN transmission process. The issue can be reproduced by creating a VXLAN interface, adding a MAC address to the bridge FDB, and then concurrently sending packets from multiple CPU cores using a tool called 'mausezahn'.

Impact

Exploitation of this vulnerability can lead to concurrent access issues, causing data races that may disrupt normal VXLAN packet forwarding operations.

Reproduction

The vulnerability can be reproduced by adding a VXLAN interface and then concurrently sending packets from multiple CPU cores to a MAC address that has been added to the bridge's Forwarding Database. This can be done using the 'mausezahn' tool, which allows for high-speed packet transmission.

Remediation

The vulnerability has been addressed by annotating the FDB access in the VXLAN implementation with READ_ONCE() and WRITE_ONCE() to prevent concurrent data races.