3 matches found
Azure Linux 3.0 Security Update: kernel (CVE-2025-38146)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38146 advisory. - In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: Fix the dead loop of...
SUSE CVE-2025-38146
In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: Fix the dead loop of MPLS parse The unexpected MPLS packet may not end with the bottom label stack. When there are many stacks, The label count value has wrapped around. A dead loop occurs, soft lockup/CPU stuck...
CVE-2025-38146
CVE-2025-38146 affects the Linux kernel net/openvswitch MPLS parsing. The issue can cause a dead loop when MPLS label stacks wrap, with a UBSAN array-index-out-of-bounds (index -1) in key_extract_l3l4 and related stack traces, potentially leading to soft lockup/CPU stall. A fix for the MPLS parse...