Linux Kernel RDS Subsystem Reconnect Pending Bit Management Vulnerability

A vulnerability exists in the Linux kernel's Reliable Datagram Sockets (RDS) subsystem regarding the management of the reconnect pending bit. When the reconnect worker is canceled, it is crucial to reset the reconnect-pending bit. Failure to do so can result in the bit remaining set indefinitely, particularly if the worker has not yet been scheduled. This issue has been addressed in the Linux kernel stable tree.

Impact

The vulnerability could lead to a denial of service condition where the system incorrectly maintains a state of pending reconnection, potentially causing unnecessary resource usage or delays in network communication.

Reproduction

The vulnerability can be reproduced by canceling the reconnect worker of an RDS connection before it has been scheduled. This can be done by invoking the shutdown procedure of an RDS connection, which cancels the reconnect worker but fails to reset the reconnect-pending bit, leaving it in a permanent 'on' state.

Remediation

Users can upgrade to the latest version of the Linux kernel where this issue has been fixed. Instructions for downloading the patched version are available on the official Linux kernel website.