CVE-2024-58071

Severity CVSS v4.0: Pending analysis
Type: Unavailable / Other
Publication date: 06/03/2025
Last modified: 25/03/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

team: prevent adding a device which is already a team device lower

Prevent adding a device which is already a team device lower,
e.g. adding veth0 if vlan1 was already added and veth0 is a lower of
vlan1.

This is not useful in practice and can lead to recursive locking:

    $ ip link add veth0 type veth peer name veth1
    $ ip link set veth0 up
    $ ip link set veth1 up
    $ ip link add link veth0 name veth0.1 type vlan protocol 802.1Q id 1
    $ ip link add team0 type team
    $ ip link set veth0.1 down
    $ ip link set veth0.1 master team0
    team0: Port device veth0.1 added
    $ ip link set veth0 down
    $ ip link set veth0 master team0

    ============================================
    WARNING: possible recursive locking detected
    6.13.0-rc2-virtme-00441-ga14a429069bb #46 Not tainted
    --------------------------------------------
    ip/7684 is trying to acquire lock:
    ffff888016848e00 (team->team_lock_key){+.+.}-{4:4}, at: team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)

    but task is already holding lock:
    ffff888016848e00 (team->team_lock_key){+.+.}-{4:4}, at: team_add_slave (drivers/net/team/team_core.c:1147 drivers/net/team/team_core.c:1977)

    other info that might help us debug this:
    Possible unsafe locking scenario:

    CPU0
    ----
    lock(team->team_lock_key);
    lock(team->team_lock_key);

    *** DEADLOCK ***

    May be due to missing lock nesting notation

    2 locks held by ip/7684:

    stack backtrace:
    CPU: 3 UID: 0 PID: 7684 Comm: ip Not tainted 6.13.0-rc2-virtme-00441-ga14a429069bb #46
    Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
    Call Trace:

    dump_stack_lvl (lib/dump_stack.c:122)
    print_deadlock_bug.cold (kernel/locking/lockdep.c:3040)
    __lock_acquire (kernel/locking/lockdep.c:3893 kernel/locking/lockdep.c:5226)
    ? netlink_broadcast_filtered (net/netlink/af_netlink.c:1548)
    lock_acquire.part.0 (kernel/locking/lockdep.c:467 kernel/locking/lockdep.c:5851)
    ? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)
    ? trace_lock_acquire (./include/trace/events/lock.h:24 (discriminator 2))
    ? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)
    ? lock_acquire (kernel/locking/lockdep.c:5822)
    ? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)
    __mutex_lock (kernel/locking/mutex.c:587 kernel/locking/mutex.c:735)
    ? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)
    ? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)
    ? fib_sync_up (net/ipv4/fib_semantics.c:2167)
    ? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)
    team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)
    notifier_call_chain (kernel/notifier.c:85)
    call_netdevice_notifiers_info (net/core/dev.c:1996)
    __dev_notify_flags (net/core/dev.c:8993)
    ? __dev_change_flags (net/core/dev.c:8975)
    dev_change_flags (net/core/dev.c:9027)
    vlan_device_event (net/8021q/vlan.c:85 net/8021q/vlan.c:470)
    ? br_device_event (net/bridge/br.c:143)
    notifier_call_chain (kernel/notifier.c:85)
    call_netdevice_notifiers_info (net/core/dev.c:1996)
    dev_open (net/core/dev.c:1519 net/core/dev.c:1505)
    team_add_slave (drivers/net/team/team_core.c:1219 drivers/net/team/team_core.c:1977)
    ? __pfx_team_add_slave (drivers/net/team/team_core.c:1972)
    do_set_master (net/core/rtnetlink.c:2917)
    do_setlink.isra.0 (net/core/rtnetlink.c:3117)
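
The check the description calls for, as an added user-space model (not the kernel patch and not code from this record): a device is refused as a team port when the team is already reachable above it through its upper devices. The struct dev type and the helpers link_upper, has_upper_all and team_add_port are hypothetical names chosen for this illustration.

```c
#include <stdio.h>

/* Simplified stand-in for a net device: only the upper-device links matter here. */
struct dev {
    struct dev *uppers[4];
    int n_uppers;
};

/* Stack 'upper' on top of 'lower' (a VLAN on its parent, or a team on its port). */
static int link_upper(struct dev *lower, struct dev *upper)
{
    if (lower->n_uppers == 4)
        return -1;
    lower->uppers[lower->n_uppers++] = upper;
    return 0;
}

/* Return 1 if 'target' is reachable from 'd' by following upper links at any depth. */
static int has_upper_all(const struct dev *d, const struct dev *target)
{
    for (int i = 0; i < d->n_uppers; i++)
        if (d->uppers[i] == target || has_upper_all(d->uppers[i], target))
            return 1;
    return 0;
}

/* Model of the port-add path: refuse a device that already sits below the team. */
static int team_add_port(struct dev *team, struct dev *port)
{
    if (port == team || has_upper_all(port, team))
        return -1;   /* rejected before any state change or notifier can fire */
    return link_upper(port, team);
}

/* Constructed topology matching the description: veth0 <- veth0.1 (VLAN) <- team0. */
static int demo(void)
{
    struct dev veth0 = {0}, vlan = {0}, team0 = {0}, veth1 = {0};
    link_upper(&veth0, &vlan);                  /* VLAN veth0.1 stacked on veth0 */
    return team_add_port(&team0, &vlan) == 0    /* veth0.1 accepted as a port */
        && team_add_port(&team0, &veth0) == -1  /* veth0 refused: lower of a port */
        && team_add_port(&team0, &veth1) == 0;  /* unrelated device still accepted */
}

int main(void)
{
    printf("check behaves as expected: %s\n", demo() ? "yes" : "no");
    return 0;
}
```

Rejecting the device up front means the port-add path never brings it up while holding the team lock, which is the step that re-entered team_device_event in the trace above.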

Vulnerable products and versions

CPE                                             From              Up to
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*    3.3 (including)   5.4.291 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*    5.5 (including)   5.10.235 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*    5.11 (including)  5.15.179 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*    5.16 (including)  6.1.129 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*    6.2 (including)   6.6.76 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*    6.7 (including)   6.12.13 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*    6.13 (including)  6.13.2 (excluding)