Linux Kernel Open vSwitch Unsafe Attribute Parsing Vulnerability in Userspace Output

Vulnerability

A vulnerability in the Linux kernel's Open vSwitch component was introduced by improper parsing of Netlink attributes in the output_userspace() function. This issue has been addressed by replacing the manual iteration of Netlink attributes with a nested attribute iteration method, ensuring that only well-formed attributes are processed.

Impact

The vulnerability could lead to improper handling of Netlink attributes, potentially allowing for exploitation through malformed attribute data.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

5.3

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel Open vSwitch Unsafe Attribute Parsing Vulnerability in Userspace Output

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating