| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CALm_T+2yh+PoxuCmSch8rgaZud6N4DBmA8OG9BdLvVu_F-EJ9A@mail.gmail.com> Date: Tue, 8 Jul 2025 15:45:59 +0800 From: Luka <luka.2016.cs@...il.com> To: Willem de Bruijn <willemdebruijn.kernel@...il.com>, "David S. Miller" <davem@...emloft.net>, Eric Dumazet <edumazet@...gle.com>, Jakub Kicinski <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com> Cc: Simon Horman <horms@...nel.org>, netdev@...r.kernel.org, linux-kernel@...r.kernel.org Subject: [Bug] soft lockup in packet_rcv in Linux kernel v6.15 Dear Linux Kernel Maintainers, I hope this message finds you well. I am writing to report a potential vulnerability I encountered during testing of the Linux Kernel version v6.15. Git Commit: 0ff41df1cb268fc69e703a08a57ee14ae967d0ca (tag: v6.15) Bug Location: packet_rcv+0x3d1/0x1590 net/packet/af_packet.c:2208 Bug report: https://pastebin.com/vLWYxByZ Entire kernel config: https://pastebin.com/jQ30sdLk Root Cause Analysis: The packet_rcv() function causes a soft lockup due to prolonged execution of BPF filter evaluation in the packet receive path, potentially resulting in unbounded CPU consumption under specific traffic or filter configurations without yielding. At present, I have not yet obtained a minimal reproducer for this issue. However, I am actively working on reproducing it, and I will promptly share any additional findings or a working reproducer as soon as it becomes available. Thank you very much for your time and attention to this matter. I truly appreciate the efforts of the Linux kernel community. Best regards, Luka
Powered by blists - more mailing lists