Linux Kernel Open vSwitch Negative Interface Index Vulnerability

Vulnerability

A vulnerability in the Linux kernel's Open vSwitch (OVS) component allows the creation of network devices with negative interface index values. This issue arises because OVS does not properly validate interface index inputs. Recent changes in the kernel's net-next branch refactored how pre-assigned interface indexes are handled, exposing this latent problem. The vulnerability can be reproduced using the YNL tool by specifying a negative interface index value when creating a new virtual port.

Impact

Exploitation of this vulnerability could lead to the creation of network devices with invalid negative interface indexes, potentially causing unexpected behavior in network management and operations.

Reproduction

The vulnerability can be reproduced by using the YNL tool to create a new Open vSwitch datapath and then adding a virtual port with a negative interface index value. This process involves sending specific JSON payloads that include the negative index value, which OVS will accept due to the lack of validation.
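As an added illustration, the following C program models the missing check from the defender's side. It is not kernel code and not the OVS fix itself: it parses a constructed netlink-style attribute buffer that carries a signed interface index (the way a vport request would) and rejects negative values before they could reach device creation. The attribute numbers, struct and function names are assumptions made for this example.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <errno.h>
#include <stdio.h>

/* Minimal netlink-style attribute header (4-byte aligned), modelled on
 * struct nlattr. Illustrative only, not the kernel's definition. */
struct nla_hdr {
    uint16_t len;   /* header + payload length, before alignment padding */
    uint16_t type;
};
#define NLA_ALIGN(n) (((n) + 3u) & ~3u)

/* Hypothetical attribute ids for this example (not the real OVS ids). */
enum { ATTR_NAME = 1, ATTR_IFINDEX = 2 };

struct vport_params {
    char name[16];
    int32_t desired_ifindex;  /* 0 = let the kernel assign one */
};

/* The check that was missing: a pre-assigned interface index must be
 * zero (auto-assign) or positive; anything negative is rejected. */
int validate_desired_ifindex(int32_t ifindex)
{
    return ifindex < 0 ? -EINVAL : 0;
}

/* Walk the attribute buffer and fill vport_params, applying the check. */
int parse_vport_request(const uint8_t *buf, size_t len, struct vport_params *out)
{
    size_t off = 0;
    memset(out, 0, sizeof(*out));
    while (off + sizeof(struct nla_hdr) <= len) {
        struct nla_hdr h;
        memcpy(&h, buf + off, sizeof(h));
        if (h.len < sizeof(h) || off + h.len > len)
            return -EINVAL;                  /* malformed attribute */
        const uint8_t *payload = buf + off + sizeof(h);
        size_t plen = h.len - sizeof(h);
        switch (h.type) {
        case ATTR_NAME:                      /* NUL-terminated string */
            if (plen == 0 || plen > sizeof(out->name) || payload[plen - 1] != '\0')
                return -EINVAL;
            memcpy(out->name, payload, plen);
            break;
        case ATTR_IFINDEX: {                 /* signed 32-bit value */
            int32_t v;
            if (plen != sizeof(v))
                return -EINVAL;
            memcpy(&v, payload, sizeof(v));  /* keep it signed: -1 must not become 0xFFFFFFFF */
            int rc = validate_desired_ifindex(v);
            if (rc)
                return rc;
            out->desired_ifindex = v;
            break;
        }
        default:
            break;                           /* unknown attributes are ignored */
        }
        off += NLA_ALIGN(h.len);
    }
    return 0;
}

/* Append one attribute, zeroing the alignment padding. */
static size_t put_attr(uint8_t *buf, size_t off, uint16_t type, const void *data, size_t dlen)
{
    struct nla_hdr h = { (uint16_t)(sizeof(struct nla_hdr) + dlen), type };
    memcpy(buf + off, &h, sizeof(h));
    memcpy(buf + off + sizeof(h), data, dlen);
    size_t total = NLA_ALIGN(h.len);
    memset(buf + off + h.len, 0, total - h.len);
    return off + total;
}

/* Build a constructed request (name + ifindex) and run it through the parser. */
int try_create_vport(const char *name, int32_t ifindex, struct vport_params *out)
{
    uint8_t buf[64];
    if (strlen(name) + 1 > sizeof(out->name))
        return -EINVAL;
    size_t n = put_attr(buf, 0, ATTR_NAME, name, strlen(name) + 1);
    n = put_attr(buf, n, ATTR_IFINDEX, &ifindex, sizeof(ifindex));
    return parse_vport_request(buf, n, out);
}

/* 1 if a request with this ifindex is accepted and round-trips, 0 if rejected. */
int request_accepted(int32_t ifindex)
{
    struct vport_params p;
    if (try_create_vport("vport0", ifindex, &p) != 0)
        return 0;
    return p.desired_ifindex == ifindex && strcmp(p.name, "vport0") == 0;
}

int main(void)
{
    int32_t cases[] = { 0, 42, -1, INT32_MIN };
    for (size_t i = 0; i < sizeof(cases) / sizeof(cases[0]); i++)
        printf("ifindex %d -> %s\n", cases[i],
               request_accepted(cases[i]) ? "accepted" : "rejected (EINVAL)");
    return 0;
}
```

The point of keeping the value as `int32_t` throughout is that the request attribute is signed: if the parser copied it into an unsigned field, a payload of -1 would silently become a very large index rather than a recognisably invalid one, which is exactly why the range check has to happen at the parsing boundary.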

Remediation

Users can update to the latest version of the Linux kernel where this vulnerability has been addressed. Instructions for updating the kernel can be found in the official Linux documentation.

Added: Dec 9, 2025, 9:31 PM
Updated: Dec 9, 2025, 9:31 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 0.6
exploitability: 4.3
remediation: 7.7
relevance: 1.4
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.