Linux Kernel IPv6 Forwarding Null Interface Panic Vulnerability

Vulnerability

A kernel panic vulnerability has been identified in the Linux kernel's IPv6 forwarding function. This issue occurs when a packet is forwarded from an input interface that lacks an associated IPv6 device. The vulnerability was reproduced using traffic control commands that corrupted packet data on a specific virtual extensible LAN (VXLAN) interface.

Impact

Exploitation of this vulnerability leads to a kernel panic, causing a denial of service by abruptly terminating the kernel process handling the IPv6 packet forwarding.

Reproduction

The vulnerability can be reproduced by deleting the default queuing discipline on the VXLAN interface, then adding a new queuing discipline that introduces packet corruption. This sequence of actions triggers the kernel panic in the IPv6 forwarding function.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 5.7
remediation: 0.0
relevance: 0.0
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.