Linux Kernel RTL8150 USB Driver Multicast Queue Management Vulnerability

A vulnerability has been identified in the Linux kernel's RTL8150 USB driver, specifically in the handling of multicast queue management. The issue arises from the 'ndo_set_rx_mode' callback, which improperly manipulates the transmission queue synchronization. This mismanagement can lead to a warning during the transmission process, as reported by syzbot. The problem occurs because the 'rtl8150_set_multicast' function wakes up the transmission queue before the previous USB transmission is completed, causing a double submission of the same data. This vulnerability affects the Linux kernel stable tree.

Impact

The vulnerability can cause a warning to be issued during the transmission process, indicating a problem with the queue management. This could potentially disrupt normal network operations by causing delays or errors in data transmission.

Reproduction

The vulnerability can be reproduced by using a network device that relies on the RTL8150 USB driver. When multicast is set for the device, the driver improperly stops and then immediately wakes up the transmission queue. This sequence creates a warning about double submission of a USB transmission, highlighting the flawed queue management.

Remediation

Users can update to the latest version of the Linux kernel, where this vulnerability has been addressed. Instructions for downloading the patched version can be found on the official Linux kernel website.