Linux Kernel MPTCP Scheduling Vulnerability in Timestamp Socket Options

Vulnerability

A vulnerability in the Linux kernel's Multipath TCP (MPTCP) implementation has been addressed. The issue arose from taking the socket lock with 'lock_sock_fast()', which can leave the caller in atomic context, while setting timestamps on sockets; this is unsafe because the timestamping functions can block. This vulnerability affects the Linux kernel stable tree.

Impact

Exploitation of this vulnerability could lead to a kernel panic by causing a deadlock situation, where the system becomes unresponsive due to processes being stuck in a waiting state.

Reproduction

The vulnerability can be reproduced by applying the patch that introduces the issue, which wraps 'sock_set_timestamp()' and 'sock_set_timestamping()' in 'lock_sock_fast()'. Modifying the MPTCP socket option handling to use the fast lock in this way creates a scenario in which these functions are called in a context that can cause the kernel to panic.
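The locking pattern described under Vulnerability and Reproduction, as a userspace model added here; it is not kernel code and not the upstream patch. The struct, the violation counter and the two `set_tstamp_*` functions are hypothetical stand-ins, and replacing the fast lock with 'lock_sock()' is an assumption about the shape of a fix, not something this page states.

```c
/* Userspace stand-ins for kernel primitives; constructed for illustration. */
#include <stdbool.h>

struct sock {
    bool owned;     /* models sk->sk_lock.owned: another context holds the socket */
    int atomic;     /* >0 while the modelled spinlock is held (BH disabled) */
    int sleep_bugs; /* times a sleeping function ran in atomic context */
};

/* Models might_sleep(): count the violation instead of printing a BUG splat. */
static void might_sleep(struct sock *sk) { if (sk->atomic > 0) sk->sleep_bugs++; }

/* Slow lock: may sleep waiting for the owner, returns in process context. */
static void lock_sock(struct sock *sk) { might_sleep(sk); sk->owned = true; }
static void release_sock(struct sock *sk) { sk->owned = false; }

/* Fast lock: returns false with the spinlock still held when uncontended. */
static bool lock_sock_fast(struct sock *sk)
{
    might_sleep(sk);
    sk->atomic++;                 /* spin_lock_bh() */
    if (!sk->owned) return false; /* fast path: caller stays atomic */
    sk->atomic--;                 /* slow path: wait for owner, drop spinlock */
    return true;                  /* caller owns the socket and may sleep */
}

static void unlock_sock_fast(struct sock *sk, bool slow) { if (slow) release_sock(sk); else sk->atomic--; }

/* Stand-in for sock_set_timestamp()/sock_set_timestamping(): may block. */
static void sock_set_timestamp(struct sock *sk) { might_sleep(sk); }

/* Pattern the advisory describes: blocking setter under the fast lock. */
int set_tstamp_fast_lock(struct sock *sk)
{
    bool slow = lock_sock_fast(sk);
    sock_set_timestamp(sk);
    unlock_sock_fast(sk, slow);
    return sk->sleep_bugs;
}

/* Assumed shape of a fix: take the sleeping lock instead. */
int set_tstamp_plain_lock(struct sock *sk)
{
    lock_sock(sk);
    sock_set_timestamp(sk);
    release_sock(sk);
    return sk->sleep_bugs;
}
```

In the model the violation is recorded only when the socket is uncontended, because that is the case in which 'lock_sock_fast()' returns with the spinlock still held.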

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been fixed. Instructions for downloading the patched version are available on the official Linux kernel website.

Added: May 28, 2026, 12:36 PM
Updated: May 28, 2026, 12:36 PM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 2.5
exploitability: 4.3
remediation: 7.7
relevance: 9.2
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.