Linux Kernel XDP Redirect List Flush Vulnerability

Vulnerability

A vulnerability has been identified in the Linux kernel's handling of the XDP_REDIRECT feature. The issue is present in version 6.12.33-cloudflare-2025.6.3 and occurs when the kernel improperly manages the XDP redirect lists. The result is a kernel bug related to list integrity: the kernel reports list_add corruption and then crashes, indicating a serious flaw in list management within XDP processing.

Impact

Exploitation of this vulnerability causes a kernel crash due to list management corruption, disrupting system operations and potentially leading to a denial of service.

Reproduction

The vulnerability can be reproduced by using the XDP_REDIRECT feature in the affected Linux kernel version. This can be done by configuring a network interface to use XDP and then redirecting packets, which will trigger the list corruption issue. Monitoring the system logs will reveal the list_add corruption error and the subsequent kernel crash.
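
A log-triage sketch for the symptom described above, added here as an example (it is not code from this advisory or from the kernel project): it finds list_add/list_del corruption reports in kernel log text and flags those whose call trace passes through XDP redirect symbols. The sample log is constructed, and the symbol hint list and the 40-line trace window are assumptions.

```python
import re

# Header of a list-debug report as printed by the kernel, e.g. "list_add corruption."
CORRUPTION = re.compile(r"^\[\s*(?P<ts>\d+\.\d+)\]\s+(?P<op>list_(?:add|del)) corruption\b")
BUG_LINE = re.compile(r"kernel BUG at (?P<where>\S+?)!")
FRAME = re.compile(r"^\[\s*\d+\.\d+\]\s+\??\s*(?P<sym>[A-Za-z_][\w.]*)\+0x[0-9a-f]+/0x[0-9a-f]+")
# Assumption: symbol substrings treated as "XDP redirect path" for triage.
XDP_HINTS = ("xdp_do_redirect", "xdp_do_flush", "bq_enqueue", "dev_map", "cpu_map")
WINDOW = 40  # trace lines inspected after each report (assumption)

# Constructed sample log (addresses, offsets and source line number are made up).
SAMPLE = """\
[ 1021.334512] list_add corruption. prev->next should be next (ffff8881000a1000), but was ffff8881000a2000. (prev=ffff8881000a3000).
[ 1021.334530] kernel BUG at lib/list_debug.c:32!
[ 1021.334601] Call Trace:
[ 1021.334640]  bq_enqueue+0x5a/0x110
[ 1021.334655]  ? xdp_do_redirect+0x1b2/0x360
[ 2200.100001] list_del corruption. prev->next should be ffff8881000b1000, but was ffff8881000b2000
[ 2200.100050] Call Trace:
[ 2200.100071]  process_one_work+0x17b/0x330
""".splitlines()


def triage(lines):
    """Return one dict per list corruption report found in kernel log lines."""
    events = []
    for i, line in enumerate(lines):
        m = CORRUPTION.match(line)
        if not m:
            continue
        event = {"ts": float(m["ts"]), "op": m["op"], "bug_at": None, "xdp_frames": []}
        for follow in lines[i + 1 : i + 1 + WINDOW]:
            if CORRUPTION.match(follow):
                break  # next report starts; stop attributing frames to this one
            bug = BUG_LINE.search(follow)
            if bug:
                event["bug_at"] = bug["where"]
            frame = FRAME.match(follow)
            if frame and any(hint in frame["sym"] for hint in XDP_HINTS):
                event["xdp_frames"].append(frame["sym"])
        events.append(event)
    return events


if __name__ == "__main__":
    for ev in triage(SAMPLE):
        print(ev)
```

Feed it the lines of a saved kernel log in place of SAMPLE; a report with a non-empty xdp_frames list is the one to match against this advisory.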

Added: Jul 9, 2025, 11:53 AM
Updated: Jul 9, 2025, 11:53 AM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 5.7
remediation: 7.7
relevance: 0.2
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.