lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <CALm_T+1zdfZ8Z-c6WseOfhrZBsZHHR-5ZFGefkGcxgUmxZcBdQ@mail.gmail.com>
Date: Tue, 8 Jul 2025 15:34:53 +0800
From: Luka <luka.2016.cs@...il.com>
To: "David S. Miller" <davem@...emloft.net>, Eric Dumazet <edumazet@...gle.com>, 
	Jakub Kicinski <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com>
Cc: Simon Horman <horms@...nel.org>, netdev@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: [Bug] soft lockup in netif_receive_skb_list_internal in Linux Kernel v6.15

Dear Linux Kernel Maintainers,

I hope this message finds you well.

I am writing to report a potential vulnerability I encountered during
testing of the Linux Kernel version v6.15.

Git Commit: 0ff41df1cb268fc69e703a08a57ee14ae967d0ca (tag: v6.15)

Bug Location: netif_receive_skb_list_internal+0x2d3/0xc90 net/core/dev.c:6105

Bug report: https://pastebin.com/SfxZ8pRX

Complete log: https://pastebin.com/e0ZLhhr6

Entire kernel config: https://pastebin.com/jQ30sdLk

Root Cause Analysis:

The soft lockup is triggered in netif_receive_skb_list_internal() due
to a logic error during concurrent packet processing in the softirq
context. Specifically, the function fails to exit or yield properly
when processing a large batch of SKBs (socket buffers), potentially
under contention for shared resources and lock acquisition. This
results in prolonged CPU occupation in interrupt context, as shown by
repeated attempts to acquire locks via lock_acquire() without forward
progress. The issue likely arises from inefficient list traversal and
insufficient interrupt mitigation, leading to starvation of other
system tasks and triggering watchdog detection of a soft lockup.

At present, I have not yet obtained a minimal reproducer for this
issue. However, I am actively working on reproducing it, and I will
promptly share any additional findings or a working reproducer as soon
as it becomes available.

Thank you very much for your time and attention to this matter. I
truly appreciate the efforts of the Linux kernel community.

Best regards,
Luka

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ