CVE-2026-46321

Linux · Kernel

A memory leak in the Linux kernel's tun driver allows local attackers to cause a denial of service by triggering short-frame rejections.

Executive summary

A memory leak in the Linux kernel tun driver exposes systems to denial-of-service via memory exhaustion.

Vulnerability

The tun_xdp_one() function fails to free the memory page backing a network frame when it rejects that frame for being shorter than the expected Ethernet header length. A local attacker with access to the tun/tap device can leak memory by repeatedly triggering this rejection path.

Business impact

The CVSS score of 7.1 indicates a high risk to availability. By triggering this memory leak, an attacker can exhaust system memory, potentially forcing a kernel panic or causing a total system denial of service, which disrupts all hosted applications.

Remediation

Immediate Action: Update the Linux kernel to the version containing the fix, which ensures the page is freed before returning an error.

Proactive Monitoring: Monitor for kernel-level memory leaks and unexpected increases in memory usage associated with tun/tap device activity.
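One way to implement the monitoring suggested above, as an added example that is not part of this advisory and not any vendor's tooling: the script parses /proc/meminfo snapshots taken at regular intervals, flags runs of consecutive samples in which MemAvailable keeps falling, and lists the tun/tap interfaces present on the host (identified by the tun_flags attribute under /sys/class/net). The thresholds (64 MiB per step, at least three consecutive steps) and the embedded meminfo values are constructed assumptions, not measurements from an affected system.

```python
"""Added example: detect sustained memory drain alongside tun/tap activity.

Not part of CVE-2026-46321's advisory or the kernel fix. The thresholds and
sample data below are constructed assumptions for illustration.
"""
import os
import re

# /proc/meminfo lines look like "MemAvailable:    7900000 kB"
MEMINFO_RE = re.compile(r"^(\w+):\s+(\d+)\s*kB", re.M)


def parse_meminfo(text):
    """Return {field: value_in_kB} from /proc/meminfo-style text."""
    return {m.group(1): int(m.group(2)) for m in MEMINFO_RE.finditer(text)}


def list_tun_interfaces(sys_net="/sys/class/net"):
    """Names of interfaces that expose the tun_flags attribute.

    Only tun/tap interfaces carry sysfs tun_flags, so this is a cheap way to
    see whether the vulnerable driver is in use on the host at all.
    """
    try:
        names = os.listdir(sys_net)
    except OSError:
        return []
    return sorted(n for n in names
                  if os.path.exists(os.path.join(sys_net, n, "tun_flags")))


def memory_drain_alerts(snapshots, min_step_kb=65536, min_steps=3):
    """Find runs where MemAvailable fell by >= min_step_kb at every step.

    snapshots: parsed meminfo dicts sampled at a fixed interval.
    Returns a list of (first_index, last_index, total_drop_kb). A leak of
    driver-owned pages shows up as free memory disappearing without a
    matching rise in page cache or slab, so monotonic drain is the signal.
    """
    alerts = []
    run_start = None

    def close_run(end):
        if run_start is not None and end - run_start >= min_steps:
            drop = snapshots[run_start]["MemAvailable"] - snapshots[end]["MemAvailable"]
            alerts.append((run_start, end, drop))

    for i in range(1, len(snapshots)):
        prev = snapshots[i - 1]["MemAvailable"]
        cur = snapshots[i]["MemAvailable"]
        if prev - cur >= min_step_kb:
            if run_start is None:
                run_start = i - 1
            continue
        close_run(i - 1)
        run_start = None
    close_run(len(snapshots) - 1)
    return alerts


# Constructed sample: six snapshots; the first three steps drop 100000 kB
# each, then the drain stops (drops of 50000 kB and 10000 kB).
SAMPLE_TEMPLATE = """MemTotal:       16384000 kB
MemFree:        {free} kB
MemAvailable:   {avail} kB
Buffers:          120000 kB
Cached:          2400000 kB
Slab:             310000 kB
"""


def constructed_snapshots():
    avail = [8000000, 7900000, 7800000, 7700000, 7650000, 7640000]
    return [parse_meminfo(SAMPLE_TEMPLATE.format(free=a - 2000000, avail=a))
            for a in avail]


if __name__ == "__main__":
    print("tun/tap interfaces on this host:", list_tun_interfaces())
    for first, last, drop in memory_drain_alerts(constructed_snapshots()):
        print(f"sustained drain: samples {first}-{last}, {drop} kB lost")
```

In production the snapshots would come from reading /proc/meminfo on a timer; an alert that coincides with non-empty output from list_tun_interfaces() is the case worth correlating with tun/tap activity, while a drain with no such interface present points elsewhere.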

Compensating Controls: Limit access to tun/tap interfaces to only the services and users that need them, using SELinux or AppArmor policies to restrict device access.

Exploitation status

Public Exploit Available: false

Analyst recommendation

Kernel vulnerabilities leading to memory exhaustion are critical for system uptime. Administrators should apply the provided patch as soon as possible, particularly on systems that heavily rely on virtual networking or tunneling, to prevent potential DoS scenarios.