Linux Kernel Macvlan Attribute Policy Vulnerability Leading to Heap Out-of-Bounds Read

Vulnerability

A vulnerability in the Linux kernel's macvlan driver allows for a heap out-of-bounds read. The issue arises from the IFLA_MACVLAN_BC_CUTOFF attribute, which was introduced to manage broadcast cutoff but was left without a matching entry in the driver's netlink attribute policy. As a result, a malicious user could manipulate the attribute to bypass length checks, potentially leading to memory corruption. This vulnerability mirrors the issues presented in CVE-2023-3773.
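The missing-policy failure described above, modelled in userspace C as an added example (not kernel code and not part of the original advisory). The structure and function names, the attribute number 9 and the 4-byte expected payload are assumptions of this model.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Userspace model of netlink attribute validation; not kernel code. */
#define HDRLEN 4           /* attribute header: 16-bit len + 16-bit type */
#define MODEL_BC_CUTOFF 9  /* attribute number used by this model */
#define MODEL_MAX 9

struct attr_hdr { uint16_t len, type; };  /* len counts header + payload */
/* Minimum payload bytes required per attribute type; 0 means no entry. */
struct policy { uint16_t min_payload[MODEL_MAX + 1]; };

/* Returns 0 if the attribute passes the policy, -1 if it is rejected. */
int validate(const uint8_t *buf, size_t buflen, const struct policy *p)
{
    struct attr_hdr h;
    if (buflen < HDRLEN) return -1;
    memcpy(&h, buf, HDRLEN);
    if (h.len < HDRLEN || h.len > buflen || h.type > MODEL_MAX) return -1;
    return (h.len - HDRLEN) < p->min_payload[h.type] ? -1 : 0;
}

/* Bytes a 4-byte getter would read past the payload if nothing stopped it. */
size_t overread_bytes(const uint8_t *buf)
{
    struct attr_hdr h;
    memcpy(&h, buf, HDRLEN);
    size_t payload = (size_t)h.len - HDRLEN;
    return payload < sizeof(int32_t) ? sizeof(int32_t) - payload : 0;
}

/* Constructed sample: an attribute carrying 2 payload bytes instead of 4. */
size_t build_short_attr(uint8_t *out)
{
    struct attr_hdr h = { HDRLEN + 2, MODEL_BC_CUTOFF };
    memcpy(out, &h, HDRLEN);
    out[4] = 0xAA; out[5] = 0xBB;
    return HDRLEN + 2;
}

/* Validate the short attribute against a policy with the given minimum. */
int check_short_attr(uint16_t min_payload)
{
    uint8_t buf[8]; struct policy p = { {0} };
    p.min_payload[MODEL_BC_CUTOFF] = min_payload;
    return validate(buf, build_short_attr(buf), &p);
}

int main(void) { printf("no entry: %d, 4-byte entry: %d\n", check_short_attr(0), check_short_attr(4)); return 0; }
```

With no policy entry the short attribute is accepted, so any later fixed-size read relies on a length that was never checked; with the entry present the same attribute is rejected before the driver sees it.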

Impact

Exploitation of this vulnerability causes a heap out-of-bounds read, which can lead to memory corruption and potentially allow for arbitrary code execution.

Remediation

The vulnerability has been addressed in the Linux kernel. Users should upgrade to the latest version where this issue has been fixed.

Added: Oct 1, 2025, 1:40 PM
Updated: Oct 1, 2025, 1:40 PM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 0.6
exploitability: 4.0
remediation: 7.7
relevance: 0.6
threat: 3.2
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.