Can you explain this vulnerability to me?

This vulnerability exists in the Linux kernel's batman-adv component, specifically related to the handling of tp_meter sessions during mesh network teardown.

The issue occurs because tp_meter sessions remain linked after the netlink request has finished, and when the mesh interface is removed, the mesh teardown function does not properly stop these sessions first.

As a result, a running sender thread or a late incoming tp_meter packet can continue processing against a mesh instance that is already shutting down, which can lead to inconsistent or unexpected behavior.

The fix involves synchronizing the tp_meter sessions with the mesh lifetime by stopping all active sessions and waiting for sender threads to exit before continuing with the teardown.

Useful 0 Not Useful 0

How can this vulnerability impact me? :

This vulnerability can cause processing to continue on a mesh network instance that is already shutting down, potentially leading to unstable or unpredictable behavior in the network.

Such behavior might result in resource leaks, crashes, or data inconsistencies within the mesh networking component of the Linux kernel.

However, specific impacts such as data loss, security breaches, or denial of service are not explicitly detailed in the provided information.

Useful 0 Not Useful 0

What immediate steps should I take to mitigate this vulnerability?

The vulnerability is resolved by ensuring that all active tp_meter sessions are stopped and sender threads are waited on before the mesh teardown continues.

Immediate mitigation steps include updating the Linux kernel to a version where batman-adv properly stops tp_meter sessions during mesh teardown, preventing processing against a mesh instance that is shutting down.

Useful 0 Not Useful 0