Linux Kernel XFRM State Pointer Initialization Vulnerability

Vulnerability

A vulnerability in the Linux kernel's XFRM (IPsec) state management has been addressed. The state pointers used during the state lookup were not initialized early enough in the lookup process. In a preemptible environment the lookup could be migrated to another CPU before those pointers were set, so the wrong state could be cached and subsequently ignored. The fix initializes the state pointers immediately after the read lock is acquired, so a later migration can no longer leave them referring to the wrong state.

Impact

The vulnerability could lead to a use-after-free condition, allowing for memory corruption or arbitrary code execution.

Reproduction

The vulnerability can be reproduced by triggering preemption during the XFRM state lookup: a lookup is started on one CPU while another CPU is handling a different XFRM state, producing the mismatch on which the vulnerability depends.

Remediation

Users can upgrade to the latest stable version of the Linux kernel to address this vulnerability.

Added: Aug 22, 2025, 4:28 PM
Updated: Aug 22, 2025, 6:57 PM

Vulnerability Rating

Custom Algorithm

spread          9.0
impact          2.5
exploitability  5.7
remediation     7.7
relevance       0.4
threat          4.8
urgency         2.9
incentive       1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.