NetBSD Opencrypto Subsystem Race Condition Vulnerability Leading to Double-Free

Vulnerability

A race condition vulnerability has been identified in the NetBSD opencrypto subsystem, prior to commit ec8451e. This vulnerability allows local attackers on SMP systems to trigger a double-free condition by concurrently issuing CIOCCRYPT operations on the same session identifier. The vulnerability arises from mutable per-operation state embedded in the csession structure, which can be exploited to corrupt kernel heap memory.

Impact

Exploitation of this vulnerability causes a kernel panic and heap corruption, which can be leveraged for further exploitation, such as privilege escalation.

Reproduction

The vulnerability can be reproduced by opening a file descriptor on '/dev/crypto' and creating a compression session. While one thread issues CIOCCRYPT operations on that session, another thread concurrently frees the session, producing a use-after-free condition. A second reproduction path exploits an integer overflow in the 'cryptodev_op' function, which causes a NULL pointer dereference.

Remediation

Users should update to the latest version of NetBSD, where this vulnerability has been patched.

Added: May 18, 2026, 6:27 PM
Updated: May 18, 2026, 6:27 PM

Vulnerability Rating

Custom Algorithm

spread: 4.5
impact: 2.5
exploitability: 4.4
remediation: 7.7
relevance: 8.7
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.