Bug 2363390 (CVE-2022-49776) - CVE-2022-49776 kernel: macvlan: enforce a consistent minimal mtu
Summary: CVE-2022-49776 kernel: macvlan: enforce a consistent minimal mtu
Keywords:
Status: NEW
Alias: CVE-2022-49776
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Product Security DevOps Team
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2025-05-01 15:02 UTC by OSIDB Bzimport
Modified: 2025-06-06 00:50 UTC (History)
4 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments (Terms of Use)

Description OSIDB Bzimport 2025-05-01 15:02:55 UTC 
In the Linux kernel, the following vulnerability has been resolved:

macvlan: enforce a consistent minimal mtu

macvlan should enforce a minimal mtu of 68, even at link creation.

This patch avoids the current behavior (which could lead to crashes
in ipv6 stack if the link is brought up)

$ ip link add macvlan1 link eno1 mtu 8 type macvlan  # This should fail !
$ ip link sh dev macvlan1
5: macvlan1@eno1: <BROADCAST,MULTICAST> mtu 8 qdisc noop
    state DOWN mode DEFAULT group default qlen 1000
    link/ether 02:47:6c:24:74:82 brd ff:ff:ff:ff:ff:ff
$ ip link set macvlan1 mtu 67
Error: mtu less than device minimum.
$ ip link set macvlan1 mtu 68
$ ip link set macvlan1 mtu 8
Error: mtu less than device minimum.
Comment 1 Avinash Hanwate 2025-05-02 06:07:01 UTC 
Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2025050117-CVE-2022-49776-6054@gregkh/T
Note You need to log in before you can comment on or make changes to this bug.