Linux Kernel VXLAN Devices Vulnerable to Improper Proxy Handling by Vendor Linux
CVE-2025-39850
What is CVE-2025-39850?
A vulnerability exists in the Linux kernel's VXLAN devices: when the proxy option is enabled, ARP requests and IPv6 Neighbor Solicitation messages can be handled improperly. If a valid neighbor entry is configured but associated with an incorrect FDB nexthop group, the kernel may erroneously assume that the MAC address points to a valid remote destination. This misjudgment can result in a NULL pointer dereference (NPD) when the system tries to dereference a non-existent remote destination. To mitigate this risk, the code should check that the remote destination exists before proceeding.
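The missing check described above, as an added example that is not kernel source and not part of the original page: a userspace C model of the decision with and without the existence check. Every type and function name is hypothetical, and the all-zero address for a local entry and the nexthop entry with no remote destination are modelling assumptions.

```c
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

/* Userspace model; all type and function names here are hypothetical. */
struct remote { unsigned char ip[4]; };

struct fdb_entry {
    struct remote *remote; /* first remote destination, NULL if none */
    int nhid;              /* nexthop group id, 0 if unused */
};

enum proxy_action { PROXY_REPLY, PROXY_SKIP_LOCAL };

/* Assumption of this model: an all-zero address marks a local entry. */
static bool addr_any(const struct remote *r)
{
    static const unsigned char zero[4];
    return memcmp(r->ip, zero, sizeof(zero)) == 0;
}

/* Before: assumes a matching FDB entry always has a remote destination. */
enum proxy_action decide_unchecked(const struct fdb_entry *f)
{
    if (f && addr_any(f->remote)) /* NULL read when f->remote is NULL */
        return PROXY_SKIP_LOCAL;
    return PROXY_REPLY;
}

/* After: confirm the remote destination exists before reading it. */
enum proxy_action decide_checked(const struct fdb_entry *f)
{
    const struct remote *rdst = f ? f->remote : NULL;

    if (rdst && addr_any(rdst))
        return PROXY_SKIP_LOCAL;
    return PROXY_REPLY; /* model assumption: no remote means not local */
}

/* Constructed sample entries. */
static struct remote local_r = { {0, 0, 0, 0} };
static struct remote vtep_r  = { {192, 0, 2, 10} };
const struct fdb_entry fdb_local   = { &local_r, 0 };
const struct fdb_entry fdb_vtep    = { &vtep_r, 0 };
const struct fdb_entry fdb_nexthop = { NULL, 7 }; /* nexthop group, no remote */
```

Passing `fdb_nexthop` to `decide_unchecked` reads through a NULL pointer, which is the failure the description refers to; `decide_checked` handles the same entry without touching the missing remote.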
Affected Version(s)
Linux 1274e1cc42264d4e629841e4f182795cb0becfd2
Linux 1274e1cc42264d4e629841e4f182795cb0becfd2 < 8cfa0f076842f9b3b4eb52ae0e41d16e25cbf8fa
Linux 1274e1cc42264d4e629841e4f182795cb0becfd2 < 1f5d2fd1ca04a23c18b1bde9a43ce2fa2ffa1bce