VxLAN Packet Forwarding Issue in NVIDIA Cumulus Linux
CVE-2023-25525

7.5HIGH

Key Information:

Vendor: Nvidia
Status: Cumulus Linux
Vendor: CVE Published:; 20 September 2023

Summary

NVIDIA Cumulus Linux is affected by a vulnerability that arises when VxLAN-encapsulated IPv6 packets are received on an SVI interface. If the DMAC/DIPv6 is set to the link-local address of the SVI interface, these packets may be erroneously forwarded, which can potentially lead to unauthorized access to sensitive information.

Affected Version(s)

Cumulus Linux All versions prior to 5.6.0

References

https://nvidia.custhelp.com/app/answers/detail/a_id/5480

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 20, 2023
Vulnerability Reserved
Feb 7, 2023