Vulnerability in Linux Kernel Affecting VXLAN Functionality
CVE-2025-21790

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 27 February 2025

Summary

A vulnerability has been identified within the Linux Kernel’s VXLAN functionality, where the initialization process fails to properly validate return values from the 'vxlan_vnigroup_init()' function. This oversight can lead to a system crash, primarily due to null pointer dereferences and general protection faults. It is critical to ensure that the success of this initialization is explicitly verified to prevent potential disruptions in network stability. Users are advised to apply the latest kernel updates to mitigate this risk.

Affected Version(s)

Linux f9c4bb0b245cee35ef66f75bf409c9573d934cf9 < 79aea5e55156c87dc570e43fcd8bba01b9d6ab3f

Linux f9c4bb0b245cee35ef66f75bf409c9573d934cf9

References

https://git.kernel.org/stable/c/79aea5e55156c87dc570e43fc...

https://git.kernel.org/stable/c/a303649b99b64858d62ce7428...

https://git.kernel.org/stable/c/e860f847787fbbf0d8dacd638...

Timeline

Vulnerability published
Feb 27, 2025
Vulnerability Reserved
Dec 29, 2024