Linux Kernel Bridge LAG State Check Vulnerability Causes Denial-of-Service Crash

Vulnerability

A vulnerability in the Linux kernel's handling of bridge Layer Aggregation Group (LAG) devices can lead to a denial-of-service crash. This issue arises when a LAG device is removed from a bridge, triggering a NETDEV_CHANGEUPPER event. The driver attempts to flush offloaded entries by checking the status of lower devices. If one of the Physical Functions (PFs) is unloaded, the check fails, causing the flush to be skipped. Meanwhile, the bridge's Forwarding Database (FDB) entry remains active, prompting the driver to repeatedly send update events. This cycle eventually crashes the system by accessing a bond netdev that has already been destroyed.

Impact

The vulnerability causes a system crash by accessing a destroyed network device, disrupting normal operations and potentially leading to a system failure.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Bridge LAG State Check Vulnerability Causes Denial-of-Service Crash

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating