The vulnerability affects the Linux kernel’s ip6_vti driver, where the fallback tunnel device ip6_vti0 is not marked with the netns_immutable flag. Because the flag is missing, the device can be moved into a different network namespace after creation. This flaw permits an attacker, with the ability to create or modify tunnel devices, to bypass namespace isolation and potentially elevate privileges or disrupt namespace‑scoped networking. The weakness aligns with improper or missing authorization controls that lead to privilege escalation.

All Linux kernel releases that include the ip6_vti driver are susceptible, since the flaw resides in the core kernel code and the vendor does not list a specific version range. Vendors should verify whether their kernel packages incorporate the patch referenced in the linked Git commits. Updating to a kernel that includes the fix or applying the patch manually addresses the issue across affected versions.

The CVSS score is not provided and the EPSS score is unavailable, indicating that the exploit likelihood has not been quantified. The vulnerability is not listed in CISA’s KEV catalog. Based on the description, it is inferred that the attack vector is local and requires an attacker with sufficient privileges to invoke ip6_vti initialization or to manipulate tunnel devices. If exploited, the defect could allow the attacker to re‑assign a tunnel device to another namespace, potentially enabling privilege escalation or denial of service within the affected host.