Linux Kernel Unresolved Entries Wild Memory Access Vulnerability Leading to Denial-of-Service

Vulnerability

A vulnerability in the Linux kernel's IP multicast routing (ipmr) implementation can lead to a denial-of-service condition. The issue arises when the function 'mr_mfc_uses_dev()' is called for unresolved entries: the function then attempts to access data that is not properly initialized, and the resulting wild memory access crashes the kernel. The vulnerability is present in kernel version 6.13.0-rc7.
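The failure mode described above, as a simplified user-space model added here for illustration; it is not kernel code and not part of this advisory. It assumes that the resolved and unresolved state of a cache entry share storage, and the struct layout, the 'resolved' flag and all function names are hypothetical.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

#define MAXVIFS 32 /* size of the modelled interface table */

/* Hypothetical stand-in for a forwarding cache entry. Assumption: resolved and
 * unresolved state share storage, so res.* is meaningless while unresolved. */
struct mfc_entry {
    bool resolved; /* model-only flag */
    union {
        struct { unsigned char pending[16]; unsigned long expires; } unres;
        struct { int minvif, maxvif; unsigned char ttls[MAXVIFS]; } res;
    } un;
};

enum walk { WALK_OK, WALK_SKIPPED, WALK_WILD };

/* Unguarded device filter: trusts res.minvif/maxvif whatever the state. A real
 * walk would index a table with each ct in [lo, hi); this only classifies. */
static enum walk filter_unguarded(struct mfc_entry c)
{
    int lo = c.un.res.minvif, hi = c.un.res.maxvif;
    return (lo < hi && (lo < 0 || hi > MAXVIFS)) ? WALK_WILD : WALK_OK;
}

/* Guarded filter: never interprets res.* for an unresolved entry. */
static enum walk filter_guarded(struct mfc_entry c)
{
    return c.resolved ? filter_unguarded(c) : WALK_SKIPPED;
}

/* Constructed sample entries: a range if resolved, queue bytes otherwise. */
static struct mfc_entry make_entry(bool resolved, int lo, int hi)
{
    struct mfc_entry e;
    memset(&e, 0, sizeof e);
    e.resolved = resolved;
    if (resolved) { e.un.res.minvif = lo; e.un.res.maxvif = hi; return e; }
    for (size_t i = 0; i < sizeof e.un.unres.pending; i++)
        e.un.unres.pending[i] = (unsigned char)(0x40 + i);
    return e;
}

int main(void)
{
    struct mfc_entry u = make_entry(false, 0, 0), r = make_entry(true, 1, 3);
    printf("unresolved: unguarded=%d guarded=%d\n", filter_unguarded(u), filter_guarded(u));
    printf("resolved:   unguarded=%d guarded=%d\n", filter_unguarded(r), filter_guarded(r));
}
```

In the model, the unguarded filter reads the unresolved entry's queue bytes as an interface range far outside the table, while the guarded filter skips the entry without reading those fields.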

Impact

Exploitation of this vulnerability causes a kernel crash, leading to a denial-of-service condition.

Reproduction

The vulnerability can be reproduced by invoking the 'mr_mfc_uses_dev()' function with unresolved multicast forwarding cache entries. This can be done through netlink messages that trigger the 'ipmr_rtm_dumproute' function, which processes routing table dumps and can inadvertently access unresolved entries, causing a crash.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 5.7
remediation: 0.0
relevance: 0.0
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.