Linux Kernel Out-of-Bounds Read Vulnerability in IP Checksum Handling for Arm64 Architecture

Vulnerability

A vulnerability in the Linux kernel's IP checksum processing for Arm64 has been identified, where negative length inputs can lead to out-of-bounds reads. This issue arises in the 'do_csum' function within the 'arch/arm64/lib/csum.c' file. The vulnerability was introduced in version 6.4.0-rc4 and affects the stable branch of the Linux kernel.

Impact

Exploitation of this vulnerability causes a slab-out-of-bounds read, which can lead to information disclosure or memory corruption.

Reproduction

The vulnerability can be reproduced by sending a packet with a negative length value through the UDP protocol. This can be done using a fuzzing tool like Syzkaller, which has already demonstrated the issue.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been patched.
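
The class of check that closes a negative-length hazard like the one described above, as an added user-space example: this is not the kernel's arch/arm64/lib/csum.c and not the upstream patch. The names csum_checked and unchecked_span and the sample bytes are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified user-space Internet checksum (RFC 1071 ones' complement sum,
 * not inverted). Illustration only, not the kernel implementation. */
static uint16_t fold(uint64_t sum)
{
    while (sum >> 16)
        sum = (sum & 0xffff) + (sum >> 16);
    return (uint16_t)sum;
}

/* Hardened variant: the length arrives as a signed int, so any
 * non-positive value is rejected before it is used as a byte count. */
uint16_t csum_checked(const unsigned char *buf, int len)
{
    uint64_t sum = 0;
    size_t n, i;

    if (buf == NULL || len <= 0)
        return 0;                /* nothing to sum; buf is never read */

    n = (size_t)len;             /* safe: len is known to be positive */
    for (i = 0; i + 1 < n; i += 2)
        sum += (uint32_t)buf[i] << 8 | buf[i + 1];
    if (n & 1)
        sum += (uint32_t)buf[n - 1] << 8;   /* pad the odd trailing byte */
    return fold(sum);
}

/* The byte count an unchecked routine would work with once a signed
 * length is converted to unsigned: a negative value becomes enormous. */
size_t unchecked_span(int len)
{
    return (size_t)len;
}

int main(void)
{
    /* Constructed sample: 8 bytes of a made-up header. */
    const unsigned char hdr[8] = {0x45, 0x00, 0x00, 0x1c, 0x12, 0x34, 0x40, 0x00};

    printf("len=8  -> 0x%04x\n", csum_checked(hdr, 8));
    printf("len=-1 -> 0x%04x (rejected)\n", csum_checked(hdr, -1));
    printf("unchecked span for len=-1: %zu bytes\n", unchecked_span(-1));
    return 0;
}
```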

Added: Oct 22, 2025, 2:30 PM
Updated: Oct 22, 2025, 2:30 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 5.7
remediation: 7.7
relevance: 0.8
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.