CVE-2025-38587
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-38587
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38587.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-38587
- Downstream
- Related
- Published
- 2025-08-19T17:15:36Z
- Modified
- 2025-09-06T13:01:27Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
ipv6: fix possible infinite loop in fib6infouses_dev()
fib6infouses_dev() seems to rely on RCU without an explicit protection.
Like the prior fix in rt6nlmsgsize(), we need to make sure fib6delroute() or fib6addrt2node() have not removed the anchor from the list, or we risk an infinite loop.
- References
-
- https://git.kernel.org/stable/c/16d21816c0918f8058b5fc14cbe8595d62046e2d
- https://git.kernel.org/stable/c/9cb6de8ee144a94ae7a40bdb32560329ab7276f0
- https://git.kernel.org/stable/c/bc85e62394f008fa848c4ba02c936c735a3e8ef5
- https://git.kernel.org/stable/c/db65739d406c72776fbdbbc334be827ef05880d2
- https://git.kernel.org/stable/c/e09be457b71b983a085312ff9e981f51e4ed3211
- https://git.kernel.org/stable/c/f8d8ce1b515a0a6af72b30502670a406cfb75073