DragonFlyBSD Kernel Audit
← dashboard
DF-0319

Lockless torn reads of multi-word struct wg_endpoint in fast paths

Summary

wg_peer_set_endpoint(:750)/get_endpoint(:761) unlocked memcmp of entire struct wg_endpoint(28+ bytes) before lock. Concurrent writer under lock -> torn read -> mixed endpoint address. AEAD encryption prevents confidentiality leak. Reliability issue only.