Linux Kernel Netfilter Incorrect Arithmetic Vulnerability in VLAN Header Processing

Vulnerability

A vulnerability in the Linux kernel's netfilter component was introduced by improper arithmetic when handling VLAN header bits. This issue arises if the combined offset and length exceed the Ethernet and VLAN header limits. In such cases, the length is modified to copy only the bytes within the VLAN Ethernet header scratchpad area, while any excess bytes are taken directly from the skbuff data area. The vulnerability has been addressed by correcting the arithmetic operation to subtract, rather than add, the VLAN header size for double-tagged packets, ensuring the length is accurately adjusted.

Impact

Exploitation of this vulnerability could lead to incorrect processing of network packets, potentially allowing for manipulation of VLAN-tagged traffic.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Netfilter Incorrect Arithmetic Vulnerability in VLAN Header Processing

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating