Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*
A vulnerability in the Linux kernel's virtio VSOCK implementation can lead to a credit calculation underflow in the function 'virtio_transport_get_credit()'. This issue arises because the credit calculation uses unsigned arithmetic. If the peer reduces its advertised buffer while data is in transit, the subtraction can underflow, resulting in a large positive value. This could potentially allow more data to be queued than the peer can manage. The vulnerability affects the Linux kernel stable tree.
Exploitation of this vulnerability could disrupt the proper flow control in VSOCK communication, allowing for more data to be sent than the receiving peer can handle, which could lead to data loss or corruption.
The vulnerability can be reproduced by initiating a VSOCK connection where one peer dynamically reduces its buffer allocation while data is being transmitted. This scenario will trigger the underflow in the credit calculation, allowing more data to be queued than the peer can process.
Users can update to the latest version of the Linux kernel stable tree, where this vulnerability has been addressed.
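The underflow described above can be modelled in user space. This is an added example, not the kernel's code or the upstream fix: the struct, field names, function names and sample values are assumptions that mirror the description, and the clamped variant is one way to avoid the wrap.

```c
#include <stdint.h>
#include <stdio.h>

/* Simplified model of the sender's view of peer credit.
 * Struct and field names are assumptions for illustration. */
struct credit_state {
    uint32_t peer_buf_alloc; /* buffer size the peer last advertised */
    uint32_t tx_cnt;         /* running count of bytes sent */
    uint32_t peer_fwd_cnt;   /* running count of bytes the peer consumed */
};

/* Unsigned-only arithmetic: wraps to a huge value once the bytes in
 * flight exceed the (reduced) advertised buffer. */
static uint32_t credit_unsigned(const struct credit_state *s, uint32_t want)
{
    uint32_t avail = s->peer_buf_alloc - (s->tx_cnt - s->peer_fwd_cnt);
    return avail < want ? avail : want;
}

/* Hardened form: widen to signed 64-bit and clamp a negative result to 0. */
static uint32_t credit_clamped(const struct credit_state *s, uint32_t want)
{
    uint32_t in_flight = s->tx_cnt - s->peer_fwd_cnt; /* modular, survives counter wrap */
    int64_t avail = (int64_t)s->peer_buf_alloc - (int64_t)in_flight;
    if (avail < 0)
        avail = 0;
    return avail < (int64_t)want ? (uint32_t)avail : want;
}

int main(void)
{
    /* Constructed values: 64 KiB advertised, 48 KiB already in flight. */
    struct credit_state s = { 65536, 49152, 0 };
    printf("before shrink: unsigned=%u clamped=%u\n",
           credit_unsigned(&s, 4096), credit_clamped(&s, 4096));

    s.peer_buf_alloc = 16384; /* peer reduces its buffer mid-transfer */
    printf("after shrink:  unsigned=%u clamped=%u\n",
           credit_unsigned(&s, 4096), credit_clamped(&s, 4096));
    printf("raw wrapped credit: %u\n", credit_unsigned(&s, UINT32_MAX));
    return 0;
}
```

After the peer shrinks its buffer, the unsigned version still grants the full 4096-byte request because the available credit has wrapped, while the clamped version grants nothing until the peer consumes data.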