Linux Kernel Data-Race Vulnerability in Socket Layer

A vulnerability has been identified in the Linux kernel's handling of socket data, specifically within the TCP, UDP, and AF_UNIX protocols. This issue arises from concurrent modifications and accesses to the 'data_ready' and 'write_space' pointers of socket structures, which can lead to data races. The vulnerability affects the Linux kernel stable tree and has been addressed by adding appropriate 'READ_ONCE()' and 'WRITE_ONCE()' annotations to ensure safe access to these pointers. The issue was reported by syzbot and is related to the generic sk_msg interface used by BPF and sockmap.

Impact

The vulnerability could lead to undefined behavior due to data races, where concurrent reads and writes to shared data can cause inconsistencies and unpredictable results in the affected socket layers.

Remediation

Users can upgrade to the latest version of the Linux kernel stable tree, where this vulnerability has been fixed. Instructions for downloading the patched version are available on the Linux kernel official website.