Linux Kernel WireGuard Exit Callback Race Deadlock Vulnerability

Vulnerability

A deadlock vulnerability has been identified in the Linux kernel's WireGuard implementation. The issue arises during network namespace exit, where the WireGuard exit callback manually acquires a lock. If another thread already holds that lock, the callback blocks and the resulting hung task stalls the namespace cleanup indefinitely. The vulnerability affects WireGuard device management in the Linux kernel, specifically the handling of network namespace exits.

Impact

The vulnerability can cause a hung task: the network namespace exit process blocks indefinitely, which disrupts normal operation and delays cleanup work.

Reproduction

The vulnerability can be reproduced by triggering the exit of a network namespace that is still referenced by a WireGuard device: create a WireGuard device that references a network namespace, then exit that namespace while another thread holds the RTNL mutex. The result is a hung task that blocks indefinitely, waiting to acquire the lock.
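The hung task described above is what the kernel's hung-task checker reports in dmesg. As an added example, not part of this advisory, the following Python parses such reports and flags the ones stuck on a lock inside WireGuard's network namespace exit path; the dmesg excerpt is constructed (the "INFO: task" line follows the kernel's real format, but the timestamps, offsets and call-trace frames such as wg_netns_pre_exit and cleanup_net are assumptions for illustration).

```python
import re

# Constructed dmesg excerpt (not from the advisory). The "INFO: task" line follows
# the kernel hung-task checker's format; timestamps, offsets and frames are assumed.
SAMPLE_DMESG = """\
[  482.101] INFO: task kworker/u8:2:1337 blocked for more than 122 seconds.
[  482.102] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  482.103] Call Trace:
[  482.104]  __schedule+0x3e5/0x1530
[  482.105]  schedule+0x6e/0x120
[  482.106]  __mutex_lock.constprop.0+0x42a/0x860
[  482.107]  rtnl_lock+0x15/0x20
[  482.108]  wg_netns_pre_exit+0x1f/0xa0
[  482.109]  cleanup_net+0x1a3/0x4a0
[  482.110]  process_one_work+0x1c8/0x3c0
[  482.111] INFO: task sshd:900 blocked for more than 122 seconds.
[  482.112] Call Trace:
[  482.113]  __schedule+0x3e5/0x1530
[  482.114]  rwsem_down_read_slowpath+0x1a2/0x3f0
"""

HEADER_RE = re.compile(r"INFO: task (?P<comm>\S+):(?P<pid>\d+) blocked for more than (?P<secs>\d+) seconds")
# One call-trace frame: optional "[ ts]" prefix, then symbol+0xoffset/0xsize.
FRAME_RE = re.compile(r"^\s*(?:\[\s*[\d.]+\]\s*)?(?P<fn>[A-Za-z_][\w.]*)\+0x[0-9a-f]+/0x[0-9a-f]+")

def parse_hung_tasks(dmesg: str) -> list[dict]:
    """Split a dmesg excerpt into hung-task reports: {comm, pid, secs, frames}."""
    reports: list[dict] = []
    for line in dmesg.splitlines():
        m = HEADER_RE.search(line)
        if m:
            reports.append({"comm": m["comm"], "pid": int(m["pid"]),
                            "secs": int(m["secs"]), "frames": []})
            continue
        f = FRAME_RE.match(line)
        if f and reports:
            reports[-1]["frames"].append(f["fn"])
    return reports

def is_wireguard_netns_hang(report: dict) -> bool:
    """True when a netns cleanup task is stuck on a lock inside WireGuard's exit path."""
    frames = report["frames"]
    in_netns_exit = "cleanup_net" in frames
    in_wireguard = any(fn.startswith("wg_") for fn in frames)
    on_lock = any(fn.startswith(("rtnl_lock", "__mutex_lock", "mutex_lock")) for fn in frames)
    return in_netns_exit and in_wireguard and on_lock

def find_wireguard_netns_hangs(dmesg: str) -> list[dict]:
    """Return only the hung-task reports matching this advisory's deadlock signature."""
    return [r for r in parse_hung_tasks(dmesg) if is_wireguard_netns_hang(r)]
```

On a live host, feed the output of `dmesg` (or the journal's kernel messages) to `find_wireguard_netns_hangs`; an unrelated blocked task such as the sshd report above is parsed but not flagged.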

Remediation

Users should upgrade to a Linux kernel version in which this vulnerability has been fixed. Instructions for upgrading the Linux kernel can be found in the official Linux documentation.

Added: Apr 24, 2026, 7:03 PM
Updated: Apr 24, 2026, 7:03 PM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 2.5
exploitability: 3.9
remediation: 7.7
relevance: 6.6
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to produce these eight key vulnerability categories, which are then combined to calculate the overall risk score.