Name of the Vulnerable Software and Affected Versions:

Linux kernel versions prior to 6.6.74

Description:

A potential out-of-bound access issue has been identified in the Linux kernel, specifically in the `fill frame info()` function. This issue can be triggered by sending a packet with 14 bytes, pretending to be a VLAN packet. The `fill frame info()` function relies on `skb->mac len`, and the check has been extended to cover this case. The issue is related to an uninit-value in `fill frame info()` and `hsr forward skb()`.

Recommendations:

Update to Linux kernel version 6.6.74 or later to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable `fill frame info()` function until a patch is available.