Linux Kernel TEAM_OPTION_TYPE_STRING Validation Vulnerability

Vulnerability

A vulnerability in the Linux kernel's handling of user-provided string data has been addressed. This issue, reported by syzbot, involved improper validation that allowed uninitialized data to be processed, potentially leading to undefined behavior. The vulnerability was traced through several kernel functions, ultimately affecting the 'team' networking driver.

Impact

Exploitation of this vulnerability could lead to the introduction of uninitialized data into kernel functions, potentially causing memory corruption or other undefined behavior.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel TEAM_OPTION_TYPE_STRING Validation Vulnerability

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating