Infinite Loop Vulnerability in Open vSwitch Affecting Linux Kernel
CVE-2025-21681

5.5MEDIUM

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
31 January 2025

What is CVE-2025-21681?

In the Linux kernel, a vulnerability was identified in Open vSwitch related to the transmission of packets to unregistering network devices. When a device is being unregistered, the 'real_num_tx_queues' can drop to zero, potentially leading to an infinite loop in the skb_tx_hash function. This condition can occur even when the device reports a carrier status of OK, particularly with the net/dummy device, which does not implement necessary state changes during unregistration. Consequently, encountering this flaw could lock the core indefinitely, and the only recourse is to reboot the system. The vulnerability has been addressed by requiring checks on both the device's running status and carrier state, ensuring better handling during the unregistration process.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 9b0dd09c1ceb35950d2884848099fccc9ec9a123

Linux 284be5db6c8d06d247ed056cfc448c4f79bbb16c < 87fcf0d137c770e6040ebfdb0abd8e7dd481b504

Linux 5efcb301523baacd98a47553d4996e924923114d < 930268823f6bccb697aa5d2047aeffd4a497308c

References

https://git.kernel.org/stable/c/b5c73fc92f8d15c16e5dc87b5...
https://git.kernel.org/stable/c/87fcf0d137c770e6040ebfdb0...
https://git.kernel.org/stable/c/930268823f6bccb697aa5d204...

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.