Linux Kernel MPLS RCU Dereference Vulnerability

A vulnerability in the Linux kernel's MPLS (Multiprotocol Label Switching) implementation has been addressed. The issue arose because the function 'mpls_route_input_rcu()' was not properly synchronizing with the RTNL (Route Netlink) updates, leading to a warning about suspicious RCU (Read-Copy-Update) usage. This vulnerability could potentially be exploited by manipulating the MPLS routing under certain conditions.

Impact

The vulnerability could lead to improper handling of RCU references, potentially causing synchronization issues or allowing for exploitation scenarios that take advantage of these mismanaged references.

Reproduction

The vulnerability can be reproduced by invoking 'mpls_route_input_rcu()' from 'mpls_getroute()' while the RTNL updates are not properly synchronized. This can be done by manipulating the MPLS routing labels under the RTNL, causing the 'mpls_route_input_rcu()' function to reference data that may not be current or valid, thereby triggering the RCU warning.

Remediation

Users should update to the latest version of the Linux kernel where this vulnerability has been fixed.