Joshua Washington

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 6.6.74 **Description** A vulnerability in the Linux kernel has been resolved, which guarded XSK operations on the existence of queues. If the interface is down, disabling or enabling XSK pools would result in a crash, as the RX queue pointer would be NULL. The patch predicates the enabling and disabling of XSK pools on the existence of queues. Additionally, `xsk wakeup` needs to be guarded against queues disappearing while the function is executing, so a check against the `GVE PRIV FLAGS NAPI ENABLED` flag is added to synchronize with the disabling of the bit and the `synchronize net()` in `gve turndown`. **Recommendations** For Linux kernel versions prior to 6.6.74, update to version 6.6.74 or later to resolve the issue. As a temporary workaround, consider disabling XSK pool operations when the interface is down to prevent crashes. Restrict access to `xsk wakeup` to minimize the risk of exploitation. Avoid using the `GVE PRIV FLAGS NAPI ENABLED` flag in vulnerable configurations until the issue is resolved.