The nat46 tag on WindowsForum.com covers discussions about the Linux kernel vulnerability CVE-2025-38192, a denial-of-service bug triggered by a careless protocol flip inside an eBPF helper. When a NAT46 BPF program changes an skb's protocol from IPv4 to IPv6 without clearing the associated destination pointer, it causes a NULL pointer dereference and kernel panic. This tag is relevant for Linux system administrators, security researchers, and IT professionals managing network address translation between IPv4 and IPv6, particularly those using eBPF-based NAT46 implementations. Topics include kernel networking, socket buffer handling, and denial-of-service prevention in Linux environments.
-
A careless protocol flip inside an eBPF helper can crash a Linux host: CVE-2025-38192 is a kernel networking bug that occurs when a NAT46 BPF program changes an skb's protocol from IPv4 to IPv6 without clearing the associated destination (dst) pointer, producing a NULL pointer dereference and a...