Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*
A vulnerability in the Linux kernel's handling of deconfigured sockets on x86 platforms can lead to a system panic. When a socket is deconfigured, it is represented as SOCK_EMPTY, which causes a crash during the allocation of UV hub information structures. This issue has been addressed by modifying the allocation process to use NUMA_NO_NODE, enabling the UV hub information to be allocated on valid nodes.
The vulnerability can cause a system panic, disrupting normal operations and potentially leading to a denial of service.
To reproduce this issue, deconfigure a socket on an x86 platform running the affected Linux kernel. The socket will be mapped to SOCK_EMPTY, which can be verified. When the system attempts to allocate UV hub information structures, the allocation will fail, causing a panic. This can be observed in the system logs, where the panic will be recorded.
Users can upgrade to the latest version of the Linux kernel where this vulnerability has been fixed. Instructions for upgrading the kernel can be found in the official Linux documentation.