-
CVE-2026-53013
- EPSS 0.17%
- Veröffentlicht 24.06.2026 16:29:23
- Zuletzt bearbeitet 10.07.2026 19:24:19
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
macvlan: fix macvlan_get_size() not reserving space for IFLA_MACVLAN_BC_CUTOFF
In the Linux kernel, the following vulnerability has been resolved:
macvlan: fix macvlan_get_size() not reserving space for IFLA_MACVLAN_BC_CUTOFF
macvlan_get_size() does not account for IFLA_MACVLAN_BC_CUTOFF, but
macvlan_fill_info() conditionally includes it when port->bc_cutoff != 1.
This causes nla_put_s32() to fail with -EMSGSIZE when the netlink skb
runs out of space, triggering a WARN_ON in rtnetlink and preventing the
interface from being dumped.
The bug can be reproduced with:
ip link add macvlan0 link eth0 type macvlan mode bridge
ip link set macvlan0 type macvlan bc_cutoff 0
ip -d link show macvlan0 # fails with -EMSGSIZE
The bc_cutoff feature was added in commit 954d1fa1ac93 ("macvlan: Add
netlink attribute for broadcast cutoff"), which added the nla_put_s32()
call in macvlan_fill_info() but missed adding the corresponding
nla_total_size(4) in macvlan_get_size(). A follow-up commit
55cef78c244d ("macvlan: add forgotten nla_policy for
IFLA_MACVLAN_BC_CUTOFF") fixed the missing nla_policy entry but still
did not fix the size calculation.Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
≫
Produkt
Linux
Default Statusunaffected
Version
954d1fa1ac93aa8a66f7d9a9ba545cf7f020d348
Version <
4979252758387b338ca968ba7e0515b0ae2257e3
Status
affected
Version
954d1fa1ac93aa8a66f7d9a9ba545cf7f020d348
Version <
77ecfa4e27f282d224215895ddfbeb916fc75e24
Status
affected
Version
954d1fa1ac93aa8a66f7d9a9ba545cf7f020d348
Version <
b6b7154e9f5d75b608ceb2d05b376de8c638c40e
Status
affected
Version
954d1fa1ac93aa8a66f7d9a9ba545cf7f020d348
Version <
1c004f14ccdc11585625c168bb9a7c5e1b8afb0c
Status
affected
Version
954d1fa1ac93aa8a66f7d9a9ba545cf7f020d348
Version <
fa92a77b0ed4d5f11a71665a232ac5a54a4b055d
Status
affected
HerstellerLinux
≫
Produkt
Linux
Default Statusaffected
Version
6.4
Status
affected
Version
0
Version <
6.4
Status
unaffected
Version <=
6.6.*
Version
6.6.141
Status
unaffected
Version <=
6.12.*
Version
6.12.91
Status
unaffected
Version <=
6.18.*
Version
6.18.33
Status
unaffected
Version <=
7.0.*
Version
7.0.10
Status
unaffected
Version <=
*
Version
7.1
Status
unaffected
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.17% | 0.063 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|
https://git.kernel.org/stable/c/4979252758387b338ca968ba7e0515b0ae2257e3
https://git.kernel.org/stable/c/77ecfa4e27f282d224215895ddfbeb916fc75e24
https://git.kernel.org/stable/c/b6b7154e9f5d75b608ceb2d05b376de8c638c40e
https://git.kernel.org/stable/c/1c004f14ccdc11585625c168bb9a7c5e1b8afb0c
https://git.kernel.org/stable/c/fa92a77b0ed4d5f11a71665a232ac5a54a4b055d