Linux Kernel Bonding Header Parsing Infinite Loop Vulnerability

Vulnerability

A vulnerability in the Linux kernel's bonding driver can lead to a potential infinite loop in the header parsing function. The issue arises when two bonding devices are stacked: the parsing function then recurses without terminating. This happens because the parsing function always references the top of the device hierarchy rather than the specific device being processed. The fix adds a new parameter to the parsing method, which limits the recursion and ensures that the final parsing function for the leaf device is correctly called.
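The recursion described above can be seen in a small user-space model. This is an added example, not kernel code or the actual patch; every struct, function and constant name in it is hypothetical, and the depth limit exists only so the model returns instead of exhausting its stack.

```c
#include <stddef.h>
#include <stdio.h>
/* User-space model only: every name here is hypothetical, not kernel code. */
struct dev;
struct pkt { const struct dev *top; };      /* packet remembers only the top device */
typedef int (*parse_fn)(const struct pkt *, const struct dev *, int depth);
struct dev { const struct dev *lower; parse_fn parse; };
#define DEPTH_LIMIT 64  /* model-only guard so the demo returns instead of crashing */

/* Leaf device: actually parses and returns a header length (constructed value). */
static int leaf_parse(const struct pkt *p, const struct dev *d, int depth)
{
    (void)p; (void)d; (void)depth;
    return 6;
}

/* Before: ignores which device is being processed and restarts from the top. */
static int bond_parse_buggy(const struct pkt *p, const struct dev *d, int depth)
{
    const struct dev *bond = p->top;
    (void)d;
    if (depth >= DEPTH_LIMIT) return -1;    /* recursion never reached the leaf */
    return bond->lower->parse(p, bond->lower, depth + 1);
}

/* After: the device being processed is a parameter, so each call steps down. */
static int bond_parse_fixed(const struct pkt *p, const struct dev *d, int depth)
{
    if (depth >= DEPTH_LIMIT) return -1;
    return d->lower->parse(p, d->lower, depth + 1);
}

/* Stack `bonds` bonding devices over one leaf and parse from the top. */
int parse_stack(int bonds, int use_fixed)
{
    struct dev devs[4] = { { NULL, leaf_parse } };
    if (bonds < 1 || bonds > 3) return -2;
    for (int i = 1; i <= bonds; i++) {
        devs[i].lower = &devs[i - 1];
        devs[i].parse = use_fixed ? bond_parse_fixed : bond_parse_buggy;
    }
    struct pkt p = { &devs[bonds] };
    return devs[bonds].parse(&p, &devs[bonds], 0);
}

int main(void) {
    printf("1 bond buggy=%d, 2 bonds buggy=%d, 2 bonds fixed=%d\n", parse_stack(1, 0), parse_stack(2, 0), parse_stack(2, 1));
    return 0;
}
```

With a single bonding device the "before" variant still reaches the leaf, because the top of the hierarchy and the device being processed are the same; the loop only appears once a second bonding device is stacked on top.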

Impact

The vulnerability can cause a stack overflow due to infinite recursion, potentially leading to a denial-of-service condition.

Reproduction

The vulnerability can be reproduced by setting up a stack of two bonding devices and then initiating a header parse operation. The bonding header parse function will enter an infinite loop, as it continuously references the top of the device hierarchy instead of the individual devices in the stack.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been fixed.

Added: Apr 3, 2026, 5:00 PM
Updated: Apr 3, 2026, 5:00 PM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 2.5
exploitability: 4.3
remediation: 7.7
relevance: 5.2
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.