Gerrard Tai

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified) Description: A race condition has been identified in the Linux kernel's PRIO component, specifically when the SFQ perturb timer fires at an inappropriate time. This issue can be exploited to underflow a parent's qlen. The race occurs between two CPUs when one locks the root, flushes the qdisc tree backlog, and then unlocks the root, while the other CPU locks the root, rehashes, reduces the qdisc tree backlog, and then the first CPU puts the qdisc. To fix this issue, calling `qdisc purge queue()` instead of `qdisc tree flush backlog()` should resolve the race by purging all packets from the qdisc before releasing the lock. Recommendations: As a temporary workaround, consider modifying the code to call `qdisc purge queue()` instead of `qdisc tree flush backlog()` to prevent the race condition. At the moment, there is no information about a newer version that contains a fix for this vulnerability.