CVE-2024-26596: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-26596 is a vulnerability in the Linux kernel's Distributed Switch Architecture (DSA) subsystem. The issue was discovered in February 2024 and affects Linux kernel versions from 6.1.0 up to (excluding) 6.7.2. The vulnerability stems from an improper netdev_priv() dereference before checking non-DSA netdevice events (NVD).

The vulnerability occurs when the kernel performs a netdev_priv() dereference for every NETDEV_CHANGEUPPER and NETDEV_PRECHANGEUPPER event in the system. The issue arises because not all net_devices have a netdev_priv() of type struct dsa_user_priv. While most drivers allocate sufficient private memory, the dummy interface calls alloc_netdev() with a priv size of 0, making every netdev_priv() dereference invalid. The vulnerability has been assigned a CVSS v3.1 base score of 5.5 (Medium) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (Kernel Git).

When exploited, this vulnerability can lead to a kernel oops (system crash) when attempting to create a VLAN interface on a dummy network device. This results in a denial of service condition, particularly when emitting a NETDEV_PRECHANGEUPPER event with a VLAN as its new upper interface (Kernel Git).

The vulnerability has been fixed in the Linux kernel by modifying the code to perform the type check before dereferencing netdev_priv(). The fix involves moving the dereference operation after the dsa_user_dev_check() verification. Users should upgrade to Linux kernel version 6.7.2 or later, or apply the appropriate backported patches (Kernel Git).