Linux Kernel VXLAN Uninitialized Value Vulnerability in Netlink Message Handling

Vulnerability

A vulnerability in the Linux kernel's VXLAN (Virtual Extensible LAN) implementation has been identified, specifically in the netlink message handling. The issue arises in the function 'vxlan_vnifilter_dump()', where the function can access bytes beyond the intended message payload. This occurs if the netlink message payload length is less than the size of the expected structure, leading to the potential exposure of uninitialized memory. The vulnerability has been addressed by modifying the function to return an error in such cases.

Impact

Exploitation of this vulnerability could lead to accessing uninitialized memory, which may cause unpredictable behavior in the kernel or potentially be exploited to execute arbitrary code.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel VXLAN Uninitialized Value Vulnerability in Netlink Message Handling

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating