Primary

Context

Linux Kernel RSS Hash Key Programming Vulnerability in Hyper-V Netvsc Driver

Vulnerability

Patched

A vulnerability in the Linux kernel's Hyper-V netvsc driver allows for improper handling of Receive Side Scaling (RSS) hash key updates. This issue arises when the device reports a single receive queue, leading to a scenario where the required RX indirection table is not allocated. Accepting RSS hash key updates under these conditions can cause the system to hang. The vulnerability affects several versions of the Linux kernel.

Impact

The vulnerability can lead to a system hang, causing a denial of service.

Reproduction

To reproduce this vulnerability, configure a device to report a single receive queue without an allocated RX indirection table. Then, attempt to update the RSS hash key. The system will hang, demonstrating the vulnerability.

Remediation

The vulnerability has been addressed in the Linux kernel. Users should upgrade to the latest version.

Added: Feb 4, 2026, 6:30 PM

Updated: Feb 4, 2026, 6:30 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

3.4

remediation

7.7

relevance

2.8

threat

4.8

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

3.4

remediation

7.7

relevance

2.8

threat

4.8

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel RSS Hash Key Programming Vulnerability in Hyper-V Netvsc Driver

Vulnerability

Impact

Reproduction

Remediation

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating