CVE-2025-71128 erspan: Initialize options_len before referencing options.

In the Linux kernel, the following vulnerability has been resolved: erspan: Initialize optionslen before referencing options. The struct iptunnelinfo has a flexible array member named options that is protected by a countedbyoptionslen attribute. The compiler will use this information to enforce...

CVE-2025-71128 erspan: Initialize options_len before referencing options.

In the Linux kernel, the following vulnerability has been resolved: erspan: Initialize optionslen before referencing options. The struct iptunnelinfo has a flexible array member named options that is protected by a countedbyoptionslen attribute. The compiler will use this information to enforce...

CVE-2025-71128

CVE-2025-71128 is a Linux kernel vulnerability affecting GRE ERSPAN processing. The issue stems from the ip_tunnel_info structure’s flexible array member options, protected by a count options_len, where the counter must be initialized before first referencing options. The GRE ERSPAN code performe...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from uninitialized optionslen and could lead to out-of-bounds access...