A vulnerability affecting tcp_allowed_congestion_control has been discovered and resolved in the Linux kernel. The fix is titled "net: Make tcp_allowed_congestion_control readonly in non-init netns". This article covers the details of the vulnerability, a code snippet, and a link to the original reference.

Vulnerability Details

The vulnerability arises due to tcp_allowed_congestion_control being global and writable; any modifications in a net namespace will consequently leak into all the other net namespaces. Both tcp_available_congestion_control and tcp_allowed_congestion_control have NULL data pointers in the ipv4_net_table (per-netns sysctl table), causing their handlers (proc_tcp_available_congestion_control and proc_allowed_congestion_control) to function globally.

To rectify this vulnerability, the data pointer updating logic is no longer applied to NULL pointers, and entries with a NULL data pointer are made read-only instead. This read-only solution should be adequate, as the original intention was only to read which congestion algorithms are available or allowed.

Link to the original reference: Linux Kernel Commit

Code Snippet

// Illustration: the mode of tcp_allowed_congestion_control as seen in a
// non-init net namespace once the entry has been made read-only.

static struct ctl_table ipv4_net_table[] = {
	{
		.procname	= "tcp_allowed_congestion_control",
		.mode		= 0444, // Change from 0644 to 0444
		.proc_handler	= proc_allowed_congestion_control,
	},
	/* ... */
};
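The per-namespace logic described under Vulnerability Details can be modelled in userspace. The following is an added example, not kernel code and not part of the original article; struct netns, struct entry, table_for and write_allowed_cc are hypothetical names, and patched == 0 models the behaviour before the fix.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* Userspace model only: every name here is hypothetical, not kernel code. */
struct netns { int ecn; };                  /* stands in for per-netns state */
struct entry { const char *name; void *data; unsigned mode; };
static struct netns init_ns = { .ecn = 2 };
static char allowed_cc[64] = "reno cubic";  /* one buffer shared by all namespaces */

/* Template table, written against init_ns. */
static const struct entry template_table[] = {
    { "tcp_ecn", &init_ns.ecn, 0644 },
    { "tcp_allowed_congestion_control", NULL, 0644 },  /* NULL data: global handler */
};
#define N_ENTRIES (sizeof(template_table) / sizeof(template_table[0]))

/* Build the table for ns; patched == 0 models the behaviour before the fix. */
static struct entry *table_for(struct netns *ns, int patched)
{
    struct entry *t = malloc(sizeof(template_table));
    if (!t)
        return NULL;
    memcpy(t, template_table, sizeof(template_table));
    if (ns == &init_ns)
        return t;                           /* init namespace keeps the template */
    for (size_t i = 0; i < N_ENTRIES; i++) {
        if (t[i].data)                      /* rebase into this namespace's struct */
            t[i].data = (char *)ns + ((char *)t[i].data - (char *)&init_ns);
        else if (patched)                   /* global entry: clear all write bits */
            t[i].mode &= ~0222u;
    }
    return t;
}

/* Model of a write through the entry: 0 on success, -1 if not writable. */
static int write_allowed_cc(const struct entry *e, const char *val)
{
    if (!(e->mode & 0222))
        return -1;
    snprintf(allowed_cc, sizeof(allowed_cc), "%s", val);
    return 0;
}

int main(void)
{
    struct netns child = { .ecn = 0 };
    struct entry *t = table_for(&child, 1);
    printf("child write rc=%d\n", t ? write_allowed_cc(&t[1], "reno") : -1);
    free(t);
    return 0;
}
```

With patched set to 0, the same write from the child namespace succeeds and changes the value every namespace reads, which is the leak the fix closes.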

Exploit Details

No known exploits are currently circulating for this vulnerability, as it was resolved before any exploitation. However, if left unpatched, it could have led to leakage between net namespaces, making it easier for attackers to gain access to sensitive information in other net namespaces.

Conclusion

It is essential to keep an eye on security vulnerabilities, such as CVE-2021-46912, within the Linux kernel and other software components. By understanding the details and staying updated with patches, you can maintain a secure working environment and mitigate potential threats. Make sure to apply the latest kernel updates to protect your systems from any known vulnerabilities.

Timeline

Published on: 02/27/2024 07:15:07 UTC
Last modified on: 04/17/2024 16:53:39 UTC