Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*
A vulnerability in the Linux kernel's handling of switchdev mode for Mellanox mlx5 devices can lead to a kernel bug. When a switch to switchdev mode fails, the system rolls back to legacy mode. Before the fix, the rollback unregistered the uplink network device and left it in an unregistered state, which caused a kernel error. The root cause is that the rollback does not properly indicate that it is transitioning to legacy mode, so the uplink netdev is unregistered. This vulnerability affects the Linux kernel stable tree.
The vulnerability causes a kernel bug by leaving the uplink network device unregistered after a failed switchdev mode transition, leading to a kernel crash.
To reproduce this vulnerability, attempt to switch a Mellanox mlx5 device to switchdev mode. If the operation fails, the system will automatically revert to legacy mode. However, due to the improper handling of the rollback process, the uplink network device will be unregistered and left in an unregistered state, causing a kernel bug. This issue can be observed by monitoring the network device status and the kernel logs for error messages related to the unregistered device.
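The check below is an added example, not part of the original advisory or the kernel project's own tooling: it flags PCI functions whose e-switch reports legacy mode while no netdev is registered under them, which is the post-rollback state described above. It assumes the uplink netdev is listed under `/sys/bus/pci/devices/<BDF>/net/` and that `devlink dev eswitch show` prints one `pci/<BDF>: mode <mode> ...` line per device; the function names, PCI addresses and interface name are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: flag PCI functions whose e-switch reports "legacy" mode
# while no netdev is registered under them in sysfs.
# Assumption: the uplink netdev appears in <sysfs>/bus/pci/devices/<BDF>/net/.
# On a live host: devlink dev eswitch show pci/<BDF> | check_uplink /sys

# check_uplink SYSFS_ROOT -- reads `devlink dev eswitch show <dev>` lines on
# stdin, prints one verdict per device, returns 1 if any device is suspect.
check_uplink() {
    local sysfs=$1 line handle bdf mode netdevs d rc=0
    while IFS= read -r line; do
        handle=${line%%: *}
        case $handle in pci/*) bdf=${handle#pci/} ;; *) continue ;; esac
        # The e-switch mode is the word after the standalone token "mode".
        mode=$(printf '%s\n' "$line" |
               awk '{for (i = 2; i < NF; i++) if ($i == "mode") {print $(i+1); exit}}')
        netdevs=""
        for d in "$sysfs/bus/pci/devices/$bdf/net"/*; do
            if [ -e "$d" ]; then netdevs="$netdevs${d##*/} "; fi
        done
        if [ "$mode" = "legacy" ] && [ -z "$netdevs" ]; then
            echo "SUSPECT $bdf: legacy mode but no netdev registered"
            rc=1
        else
            echo "OK $bdf: mode=${mode:-unknown} netdevs=${netdevs:-none}"
        fi
    done
    return "$rc"
}

# make_fixture DIR -- constructed sysfs tree: one healthy function and one
# with its net/ directory missing. BDFs and interface name are made up.
make_fixture() {
    mkdir -p "$1/bus/pci/devices/0000:08:00.0/net/enp8s0f0np0" \
             "$1/bus/pci/devices/0000:08:00.1"
}

# Constructed devlink output matching the fixture above.
SAMPLE_DEVLINK='pci/0000:08:00.0: mode legacy inline-mode none encap-mode basic
pci/0000:08:00.1: mode legacy inline-mode none encap-mode basic'

# Self-check on the constructed data: ./check_uplink.sh --demo
if [ "${1:-}" = "--demo" ]; then
    tmp=$(mktemp -d); make_fixture "$tmp"
    printf '%s\n' "$SAMPLE_DEVLINK" | check_uplink "$tmp" || true
    rm -rf "$tmp"
fi
```

A SUSPECT verdict only says the two views disagree; confirm against the kernel log and the running kernel version before treating the host as affected.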
The vulnerability has been addressed in the Linux kernel by modifying the switchdev mode rollback process. Users should upgrade to the latest version of the Linux kernel stable tree where this fix has been applied.