Linux Kernel QRTR Namespace Server Registration Limit Vulnerability

Vulnerability

A vulnerability in the Linux kernel's QRTR (Queuing Radio Transmission Protocol) implementation allows for denial of service. The issue arises because the current code does not limit the number of server registrations per node. This lack of bounds checking can be exploited by a malicious client that floods the system with NEW_SERVER messages, leading to memory exhaustion. The vulnerability is present in the Linux kernel stable tree.

Impact

Exploitation of this vulnerability can cause memory exhaustion, potentially leading to a denial-of-service condition where the system becomes unresponsive or unable to allocate memory for critical processes.

Reproduction

The vulnerability can be reproduced by sending a high volume of NEW_SERVER messages to a node, which will overwhelm the system's memory resources. This can be done programmatically or using network tools that allow for message flooding.

Remediation

The vulnerability has been addressed by limiting the maximum number of server registrations to 256 per node. This change has been implemented in the Linux kernel stable tree.
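
A user-space model of the fix described above, added here as an illustration and not the kernel's own code: registrations are counted per node, and a NEW_SERVER message past the 256th is refused before any memory is allocated. The structure and function names, the error codes, and the handling of repeat announcements and removals are assumptions of this example.

```c
#include <errno.h>
#include <stdint.h>
#include <stdlib.h>
#define MAX_SERVERS_PER_NODE 256 /* cap stated in the advisory */
struct server { uint32_t service, instance, port; struct server *next; };
struct node { unsigned int server_count; struct server *servers; };

/* One NEW_SERVER announcement. Names and error codes are hypothetical. */
int node_add_server(struct node *n, uint32_t svc, uint32_t inst, uint32_t port)
{
    struct server *s;
    for (s = n->servers; s; s = s->next)
        if (s->port == port) { /* repeat announcement: update in place */
            s->service = svc;
            s->instance = inst;
            return 0;
        }
    if (n->server_count >= MAX_SERVERS_PER_NODE)
        return -ENOSPC; /* refuse before malloc: a flood allocates nothing */
    s = malloc(sizeof(*s));
    if (!s)
        return -ENOMEM;
    *s = (struct server){ svc, inst, port, n->servers };
    n->servers = s;
    n->server_count++;
    return 0;
}

/* Server removal: free the entry and hand the slot back to the node. */
int node_del_server(struct node *n, uint32_t port)
{
    for (struct server **pp = &n->servers; *pp; pp = &(*pp)->next)
        if ((*pp)->port == port) {
            struct server *dead = *pp;
            *pp = dead->next;
            free(dead);
            n->server_count--;
            return 0;
        }
    return -ENOENT;
}

unsigned int flood(struct node *n, uint32_t count) /* constructed test input */
{
    unsigned int accepted = 0;
    for (uint32_t i = 0; i < count; i++) /* each message uses a new port */
        accepted += (node_add_server(n, 1, i, i) == 0);
    return accepted; /* number of registrations that were stored */
}
```

Releasing the slot on removal matters: a cap whose counter never decreases would eventually lock out legitimate registrations on a long-lived node.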

Added: May 19, 2026, 12:33 PM
Updated: May 19, 2026, 12:33 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 5.7
remediation: 3.1
relevance: 8.7
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.