PT-2024-11497 · Linux+5 · Linux Kernel+5
Published: 2021-12-14 · Updated: 2025-01-13
CVE-2021-47590
CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
The issue is a deadlock in the __mptcp_push_pending() function, which may call mptcp_flush_join_list() with the subflow socket lock held. If this call hits mptcp_sockopt_sync_all(), then subsequently __mptcp_sockopt_sync() could try to lock the subflow socket for itself, causing a deadlock. The sysrq shows a blocked state, and the call trace indicates the involvement of several functions, including schedule, lock_sock, and mptcp_sockopt_sync_all. The issue can be fixed by using __mptcp_flush_join_list() instead of plain mptcp_flush_join_list() inside __mptcp_push_pending(), as suggested by Florian, which defers the sockopt sync to the workqueue.
Recommendations
To resolve the issue, use __mptcp_flush_join_list() instead of plain mptcp_flush_join_list() inside __mptcp_push_pending(). This change defers the sockopt sync to the workqueue, preventing the deadlock.
Note: Since the affected versions are not specified, it is recommended to apply this fix to all versions of the Linux kernel where the __mptcp_push_pending() function is used.
Fix
DoS
Improper Locking
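The locking pattern from the description, as an added example that is not part of the original advisory and is not kernel code: a user-space C model in which the sync step retakes a lock its caller already holds, next to the deferred variant where a worker runs the sync with no lock held. All names (subflow, push_pending, sockopt_sync, worker) are hypothetical stand-ins, and an error-checking pthread mutex is assumed so the self-deadlock is reported as EDEADLK instead of hanging.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <pthread.h>
#include <stdbool.h>

/* User-space model, not kernel code; every name here is hypothetical. */
struct subflow {
    pthread_mutex_t lock; /* stands in for the subflow socket lock */
    bool synced;          /* set once the option sync has run */
    bool sync_deferred;   /* stands in for work queued for later */
};
static void subflow_init(struct subflow *sf) {
    pthread_mutexattr_t a;
    pthread_mutexattr_init(&a);
    /* ERRORCHECK: a relock by the owner returns EDEADLK instead of hanging */
    pthread_mutexattr_settype(&a, PTHREAD_MUTEX_ERRORCHECK);
    pthread_mutex_init(&sf->lock, &a);
    pthread_mutexattr_destroy(&a);
    sf->synced = sf->sync_deferred = false;
}
/* The sync step takes the subflow lock itself. */
static int sockopt_sync(struct subflow *sf) {
    int err = pthread_mutex_lock(&sf->lock);
    if (err) return err;
    sf->synced = true;
    return pthread_mutex_unlock(&sf->lock);
}
/* Push path, lock held: defer=false syncs inline, defer=true defers it. */
static int push_pending(struct subflow *sf, bool defer) {
    int err = 0;
    pthread_mutex_lock(&sf->lock);
    if (defer) sf->sync_deferred = true;  /* only record that a sync is due */
    else err = sockopt_sync(sf);          /* relock by the lock owner */
    pthread_mutex_unlock(&sf->lock);
    return err;
}
/* Worker: runs later with no subflow lock held. */
static int worker(struct subflow *sf) {
    if (!sf->sync_deferred) return 0;
    sf->sync_deferred = false;
    return sockopt_sync(sf);
}
int main(void) {
    struct subflow sf;
    subflow_init(&sf);
    if (push_pending(&sf, false) != EDEADLK) return 1; /* inline sync fails */
    if (push_pending(&sf, true) || worker(&sf)) return 1;
    return sf.synced ? 0 : 1;
}
```

With a default (non-error-checking) mutex the inline variant would block forever, which is the hung-task state the description refers to.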
Related Identifiers
Affected Products
Astra Linux
CentOS
Linux Kernel
Red Hat
RED OS
SUSE