Fixed

LIN1022-19826 : Security Advisory - linux - CVE-2023-53824

Created: Dec 10, 2025    Updated: Dec 11, 2025
Resolved Date: Dec 10, 2025
Found In Version: 10.22.33.1
Fix Version: 10.22.33.17
Severity: Standard
Applicable for: Wind River Linux LTS 22
Component/s: Kernel

Description

In the Linux kernel, the following vulnerability has been resolved:

netlink: annotate lockless accesses to nlk->max_recvmsg_len

syzbot reported a data-race in netlink_recvmsg() [1]

Indeed, netlink_recvmsg() can be run concurrently,
and netlink_dump() also needs protection.

[1]
BUG: KCSAN: data-race in netlink_recvmsg / netlink_recvmsg

read to 0xffff888141840b38 of 8 bytes by task 23057 on cpu 0:
netlink_recvmsg+0xea/0x730 net/netlink/af_netlink.c:1988
sock_recvmsg_nosec net/socket.c:1017 [inline]
sock_recvmsg net/socket.c:1038 [inline]
__sys_recvfrom+0x1ee/0x2e0 net/socket.c:2194
__do_sys_recvfrom net/socket.c:2212 [inline]
__se_sys_recvfrom net/socket.c:2208 [inline]
__x64_sys_recvfrom+0x78/0x90 net/socket.c:2208
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x63/0xcd

write to 0xffff888141840b38 of 8 bytes by task 23037 on cpu 1:
netlink_recvmsg+0x114/0x730 net/netlink/af_netlink.c:1989
sock_recvmsg_nosec net/socket.c:1017 [inline]
sock_recvmsg net/socket.c:1038 [inline]
____sys_recvmsg+0x156/0x310 net/socket.c:2720
___sys_recvmsg net/socket.c:2762 [inline]
do_recvmmsg+0x2e5/0x710 net/socket.c:2856
__sys_recvmmsg net/socket.c:2935 [inline]
__do_sys_recvmmsg net/socket.c:2958 [inline]
__se_sys_recvmmsg net/socket.c:2951 [inline]
__x64_sys_recvmmsg+0xe2/0x160 net/socket.c:2951
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x63/0xcd

value changed: 0x0000000000000000 -> 0x0000000000001000

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 23037 Comm: syz-executor.2 Not tainted 6.3.0-rc4-syzkaller-00195-g5a57b48fdfcb #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
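
The annotation pattern named in the commit title, as an added example that is neither the kernel patch nor Wind River's code: a userspace C model of a lockless field shared between a recvmsg-style writer and a dump-style reader. struct model_nlk, record_recvmsg_len(), dump_alloc_len() and MODEL_LEN_CAP are hypothetical names, and READ_ONCE()/WRITE_ONCE() here are local stand-ins for the kernel macros.

```c
#include <stddef.h>
#include <stdio.h>

/* Stand-ins for the kernel macros: a volatile access must be emitted as
 * written, so the compiler may not refetch, fuse or invent it. */
#define READ_ONCE(x)       (*(const volatile __typeof__(x) *)&(x))
#define WRITE_ONCE(x, val) (*(volatile __typeof__(x) *)&(x) = (val))
#define MODEL_LEN_CAP      ((size_t)32768) /* constructed cap for this model */

struct model_nlk { size_t max_recvmsg_len; }; /* hypothetical, one field only */

/* recvmsg side: remember the largest buffer length a caller has offered.
 * Callers may run concurrently without a lock, so the shared field is loaded
 * once into a local, adjusted there, then stored once. Writers are not
 * serialised; each access is single and marked as an intended race. */
static size_t record_recvmsg_len(struct model_nlk *nlk, size_t len)
{
    size_t cur = READ_ONCE(nlk->max_recvmsg_len);
    size_t max_len = cur > len ? cur : len;

    if (max_len > MODEL_LEN_CAP)
        max_len = MODEL_LEN_CAP;
    WRITE_ONCE(nlk->max_recvmsg_len, max_len);
    return max_len;
}

/* dump side: take one snapshot and size the allocation from the snapshot
 * only, so the compared value and the used value cannot differ. */
static size_t dump_alloc_len(struct model_nlk *nlk, size_t min_alloc)
{
    size_t snap = READ_ONCE(nlk->max_recvmsg_len);

    return snap > min_alloc ? snap : min_alloc;
}

int main(void)
{
    struct model_nlk nlk = { 0 };

    /* Same transition as the report's "value changed" line: 0x0 -> 0x1000 */
    printf("%#zx\n", record_recvmsg_len(&nlk, 0x1000));
    printf("%#zx\n", dump_alloc_len(&nlk, 0x800));
    return 0;
}
```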