Linux Kernel PREEMPT_RT BPF Cpu Map Race Condition Vulnerability

A race condition vulnerability has been identified in the Linux kernel's BPF (Berkeley Packet Filter) subsystem, specifically within the CPU map handling on PREEMPT_RT kernels. This vulnerability allows concurrent access to the per-CPU XDP (eXpress Data Path) bulk queue by multiple preemptible tasks on the same CPU, leading to potential data corruption and inconsistencies.

Impact

Exploitation of this vulnerability can cause a kernel oops, which is a serious error indicating a problem in the kernel that could lead to a system crash or instability.

Reproduction

To reproduce this vulnerability, insert a delay of 100 milliseconds between resetting the bulk queue count and clearing the flush node in the 'bq_flush_to_queue' function. Then, run the provided reproducer from Syzkaller, a tool for finding vulnerabilities in kernel code.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been addressed. Instructions for downloading the patched version are available on the Linux kernel official website.