Linux Kernel Buffer Overflow Vulnerability in ERSPAN Handling by Vendor
CVE-2025-71128

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 14 January 2026

What is CVE-2025-71128?

A vulnerability exists in the Linux kernel related to the handling of ERSPAN traffic in GRE tunnels. The struct ip_tunnel_info contains a flexible array member, options, which relies on the options_len counter for runtime bounds checking. Failure to properly initialize options_len before referencing options can lead to a buffer overflow. This issue manifests when the kernel is compiled with GCC 15+ and FORTIFY_SOURCE configured, potentially causing a kernel panic. Users are recommended to ensure that the proper helper function ip_tunnel_info_opts_set() is utilized to avoid fragmented updates that can compromise system stability.

Affected Version(s)

Linux bb5e62f2d547c4de6d1b144cbce2373a76c33f18

Linux bb5e62f2d547c4de6d1b144cbce2373a76c33f18 < 35ddf66c65eff93fff91406756ba273600bf61a3

Linux 6.15

References

https://git.kernel.org/stable/c/b282b2a9eed848587c1348abd...

https://git.kernel.org/stable/c/35ddf66c65eff93fff9140675...

Timeline

Vulnerability published
Jan 14, 2026
Vulnerability Reserved
Jan 13, 2026

JSON