Linux Kernel Vmxnet3 Packet Corruption Vulnerability in XDP Transmission

Vulnerability

A vulnerability in the Linux kernel's vmxnet3 virtual network driver has been addressed, which caused packet corruption when using native eBPF programs with XDP (Express Data Path) encapsulation headers, such as IPIP. This issue disrupted connectivity with Cilium's service load balancing. The corruption occurred because the function 'vmxnet3_xdp_xmit_frame' calculated an incorrect DMA address for the transmitted packet. The vulnerability arose from a static offset assumption, which did not account for potential data movement by the XDP program, leading to dropped packets.

Impact

Exploitation of this vulnerability caused packet corruption, with affected packets being dropped, leading to connectivity issues.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Vmxnet3 Packet Corruption Vulnerability in XDP Transmission

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating