Linux Kernel Crypto af_alg Memory Initialization Vulnerability

Vulnerability

A vulnerability exists in the af_alg component of the Linux kernel's crypto subsystem. Several crypto user API contexts and requests allocated with sock_kmalloc() were left uninitialized, relying on callers to set each field explicitly. As a result, uninitialized data was used in certain error paths, and the same pattern could cause issues when new fields are introduced in the future. The problem particularly affects the 'inflight' variable in af_alg_ctx, which contained garbage values because it was never initialized. That garbage caused af_alg_alloc_areq() to erroneously return -EBUSY under certain conditions, disrupting normal operations.

Impact

The vulnerability can lead to incorrect behavior in the af_alg component, specifically by causing the function af_alg_alloc_areq() to randomly return -EBUSY, indicating that a resource is busy when it may not be.

Reproduction

The vulnerability can be reproduced by allocating a crypto user API context using sock_kmalloc() without proper initialization. This can be done by creating a user-space application that interacts with the crypto af_alg interface, specifically through the algif_kpp or algif_akcipher files, which are part of the ACVP patches and also rely on correct initialization. The uninitialized 'inflight' variable then causes af_alg_alloc_areq() to incorrectly return -EBUSY, reporting a busy resource when nothing is actually in flight.

Remediation

The vulnerability has been addressed by modifying the af_alg allocation function to include a memory zeroing step, ensuring that all fields, including the 'inflight' variable, are properly initialized before use. Users should update to the latest version of the Linux kernel where this fix has been applied.
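
The failure and the fix described above, as an added userspace C model (not kernel code, and not taken from the advisory or the kernel patch). Apart from the field name 'inflight', every identifier here is hypothetical, and the 0xA5 fill is a constructed stand-in for stale heap contents so the run is deterministic.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Userspace model, not kernel code; only the name 'inflight' is from the advisory. */
struct model_ctx {
    unsigned int used; /* hypothetical field the caller does initialize */
    int inflight;      /* field the caller never assigns */
};

/* Non-clearing allocator; 0xA5 is a deterministic stand-in for stale heap bytes. */
static void *alloc_uninit(size_t n)
{
    void *p = malloc(n);
    if (p)
        memset(p, 0xA5, n);
    return p;
}

/* Remediated allocator: every byte is zero before the caller sees it. */
static void *alloc_zeroed(size_t n) { return calloc(1, n); }

/* Request allocation refuses to proceed while a request is marked in flight. */
static int model_alloc_areq(struct model_ctx *ctx)
{
    if (ctx->inflight)
        return -EBUSY;
    ctx->inflight = 1;
    return 0;
}

/* Build a fresh context as the flawed callers did, then issue one request. */
static int first_request(void *(*alloc)(size_t))
{
    struct model_ctx *ctx = alloc(sizeof(*ctx));
    int rc;
    if (!ctx)
        return -ENOMEM;
    ctx->used = 0; /* explicit init covers 'used' only */
    rc = model_alloc_areq(ctx);
    free(ctx);
    return rc;
}

int main(void)
{
    printf("uninit=%d zeroed=%d\n", first_request(alloc_uninit), first_request(alloc_zeroed));
    return 0;
}
```

With the non-clearing allocator the very first request on a brand-new context is refused with -EBUSY; with the zeroing allocator the same caller code succeeds without any change to its field-by-field initialization.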

Added: Jan 14, 2026, 3:50 PM
Updated: Jan 14, 2026, 4:59 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 0.8
exploitability: 3.9
remediation: 7.7
relevance: 2.1
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.