A flaw was found in the Linux kernel's implementation of some networking protocols in encrypted IPsec tunnels.
The most common use cases are VXLAN or GENEVE tunnels over IPv6. When an encrypted tunnel is created between two hosts, the kernel will not correctly route this tunneled data over the encrypted link but instead will send the data unencrypted.
This could allow the information to be intercepted in a man-in-the-middle (MITM) attack by an attacker who is able to view the traffic between the two connection endpoints.
Name: Xiumei Mu (Red Hat QE Engineering)
Trackers above made, going to mark these trackers as duplicates of the product bugs. Leaving the -rt trackers.
Disabling the IPv6 protocol may be a suitable workaround for systems that do not require the protocol to function correctly; however, if IPv6 is not in use, this flaw will not be triggered.
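
One way to check for the symptom described above in a capture taken between the two tunnel endpoints, as an added example that is not part of the original report: classify each raw IPv6 packet as ESP or as VXLAN/GENEVE carried in clear UDP. The function names and the constructed sample packets are assumptions of this example, as is the premise that the IPsec policy uses plain ESP (no UDP encapsulation) and the tunnels use the IANA default ports 4789 and 6081.

```python
import struct

ESP, UDP, FRAGMENT = 50, 17, 44
EXT_HEADERS = {0, 43, 60}  # hop-by-hop, routing, destination options
TUNNEL_PORTS = {4789: "VXLAN", 6081: "GENEVE"}  # IANA default UDP ports

def classify_ipv6(packet: bytes) -> str:
    """Return 'esp', 'cleartext-VXLAN', 'cleartext-GENEVE' or 'other'."""
    if len(packet) < 40 or packet[0] >> 4 != 6:
        return "other"
    next_hdr, offset = packet[6], 40
    while next_hdr in EXT_HEADERS or next_hdr == FRAGMENT:  # walk extension headers
        if len(packet) < offset + 8:
            return "other"
        if next_hdr == FRAGMENT:
            length = 8
            if struct.unpack_from("!H", packet, offset + 2)[0] >> 3:
                return "other"  # non-first fragment: no UDP header to read
        else:
            length = (packet[offset + 1] + 1) * 8
        next_hdr, offset = packet[offset], offset + length
    if next_hdr == ESP:
        return "esp"
    if next_hdr == UDP and len(packet) >= offset + 8:
        dport = struct.unpack_from("!H", packet, offset + 2)[0]
        if dport in TUNNEL_PORTS:
            return "cleartext-" + TUNNEL_PORTS[dport]
    return "other"

def find_leaks(packets):
    """Indexes and labels of packets that carry tunnel traffic outside ESP."""
    return [(i, c) for i, p in enumerate(packets)
            if (c := classify_ipv6(p)).startswith("cleartext-")]

# --- Constructed sample packets (documentation addresses, dummy payloads) ---
def _ipv6(next_hdr: int, payload: bytes) -> bytes:
    src = bytes.fromhex("20010db8000000000000000000000001")
    dst = bytes.fromhex("20010db8000000000000000000000002")
    return struct.pack("!IHBB", 6 << 28, len(payload), next_hdr, 64) + src + dst + payload

def _udp(dport: int, payload: bytes = b"\x00" * 8) -> bytes:
    return struct.pack("!HHHH", 40000, dport, 8 + len(payload), 0) + payload

SAMPLES = [
    _ipv6(ESP, b"\x00" * 16),                                   # protected by ESP
    _ipv6(UDP, _udp(4789)),                                     # VXLAN in clear
    _ipv6(60, bytes([UDP, 0, 1, 4, 0, 0, 0, 0]) + _udp(6081)),  # GENEVE after dest opts
    _ipv6(UDP, _udp(53)),                                       # unrelated UDP
]
```

On a host where the IPsec policy is meant to cover the overlay, any entry returned by `find_leaks` for traffic between the two endpoints indicates tunnel data leaving outside the encrypted link.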