linux kernel is vulnerable to man-in-the-middle (MitM) attack. An insecure and unencrypted channel between two Geneve endpoints is used when IPsec is configured to encrypt traffic.
lists.opensuse.org/opensuse-security-announce/2020-10/msg00035.html
lists.opensuse.org/opensuse-security-announce/2020-10/msg00042.html
packetstormsecurity.com/files/161229/Kernel-Live-Patch-Security-Notice-LSN-0074-1.html
bugzilla.redhat.com/show_bug.cgi?id=1883988
git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2020-25645
lists.debian.org/debian-lts-announce/2020/10/msg00028.html
lists.debian.org/debian-lts-announce/2020/12/msg00027.html
security.netapp.com/advisory/ntap-20201103-0004/
www.debian.org/security/2020/dsa-4774