Linux Kernel RXRPC IRQ-Disabled Vulnerability in MTU Assessment

Vulnerability

A vulnerability in the Linux kernel's RXRPC implementation has been addressed. The issue arose because the 'rxrpc_assess_MTU_size()' function, which determines the Maximum Transmission Unit (MTU) size for a route, was called while interrupts were disabled. This created a conflict with the IP layer, which uses 'local_bh_enable()'—a function that can issue a warning if interrupts are enabled. The vulnerability was resolved by repositioning the MTU assessment call to a point in the process where interrupts are not disabled.

Impact

The vulnerability could lead to improper handling of network interrupts, potentially causing issues in packet processing or network communication.

Added: Aug 16, 2025, 12:46 PM

Updated: Aug 16, 2025, 12:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

5.3

remediation

7.7

relevance

0.4

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

5.3

remediation

7.7

relevance

0.4

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel RXRPC IRQ-Disabled Vulnerability in MTU Assessment

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating