Linux Kernel Open vSwitch MPLS Parsing Infinite Loop Vulnerability

Vulnerability

An infinite loop in MPLS packet parsing in the Linux kernel's Open vSwitch component has been fixed. The problem arose when MPLS packets did not end with a bottom-of-stack label, leading to a deadlock. This occurred because the label count value had wrapped around, so the parsing loop never terminated and the CPU hit a soft lockup and became unresponsive. The issue was identified as an array index out-of-bounds error, and the stack backtrace placed the loop in the Open vSwitch flow handling.
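The failure mode described above, as an added example that is not the kernel's code or part of the original advisory: a user-space MPLS label-stack walker whose counter cannot wrap and which rejects a stack that never sets the bottom-of-stack bit. The function names, `MAX_STORED` and the sample packets are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>

#define MPLS_HLEN   4            /* one label stack entry is 4 bytes (RFC 3032) */
#define MPLS_S_BIT  0x00000100u  /* bottom-of-stack flag in the entry */
#define MAX_STORED  3            /* assumed: number of labels the caller keeps */

/* Walk the label stack in buf[0..len). Stores up to MAX_STORED labels in out[]
 * and returns the number of entries seen, or -1 if the buffer ends before an
 * entry with the bottom-of-stack bit. */
static long mpls_walk_stack(const uint8_t *buf, size_t len, uint32_t *out)
{
    /* A size_t counter keeps growing until the bounds check fails. A uint8_t
     * counter would wrap to 0 after 255, the offset would fall back inside
     * the buffer, and a stack with no bottom entry would be walked forever. */
    size_t count = 0;

    for (;;) {
        size_t off = count * MPLS_HLEN;
        if (len < MPLS_HLEN || off > len - MPLS_HLEN)
            return -1;                  /* ran out of packet: malformed stack */

        uint32_t lse = ((uint32_t)buf[off] << 24) | ((uint32_t)buf[off + 1] << 16) |
                       ((uint32_t)buf[off + 2] << 8) | buf[off + 3];
        if (count < MAX_STORED)
            out[count] = lse >> 12;     /* label is the top 20 bits */
        count++;
        if (lse & MPLS_S_BIT)
            return (long)count;         /* bottom of stack reached */
    }
}

/* Constructed input: 300 entries, S bit never set (more than a u8 can count). */
static long demo_unterminated(void)
{
    static const uint8_t pkt[300 * MPLS_HLEN];  /* all zero */
    uint32_t labels[MAX_STORED];
    return mpls_walk_stack(pkt, sizeof pkt, labels);
}

/* Constructed input: label 16 (S=0) then label 100 (S=1), TTL 64 each.
 * Returns the second label if exactly two entries were parsed, else 0. */
static uint32_t demo_terminated(void)
{
    static const uint8_t pkt[] = { 0x00, 0x01, 0x00, 0x40,  0x00, 0x06, 0x41, 0x40 };
    uint32_t labels[MAX_STORED] = { 0 };
    return mpls_walk_stack(pkt, sizeof pkt, labels) == 2 ? labels[1] : 0;
}
```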

Impact

Exploitation of this vulnerability caused a soft lockup, where the CPU became stuck and unresponsive, disrupting normal system operations.

Added: Jul 3, 2025, 10:08 AM
Updated: Jul 3, 2025, 10:08 AM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 5.3
remediation: 0.0
relevance: 0.2
threat: 3.2
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.