CVE-2025-71080
- Source
- https://cve.org/CVERecord?id=CVE-2025-71080
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-71080.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2025-71080
- Downstream
- Related
- Published
- 2026-01-13T15:34:44.832Z
- Modified
- 2026-05-15T11:54:23.775456781Z
- Summary
- ipv6: fix a BUG in rt6_get_pcpu_route() under PREEMPT_RT
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
ipv6: fix a BUG in rt6getpcpuroute() under PREEMPTRT
On PREEMPTRT kernels, after rt6getpcpuroute() returns NULL, the current task can be preempted. Another task running on the same CPU may then execute rt6makepcpuroute() and successfully install a pcpurt entry. When the first task resumes execution, its cmpxchg() in rt6makepcpuroute() will fail because rt6ipcpu is no longer NULL, triggering the BUGON(prev). It's easy to reproduce it by adding mdelay() after rt6getpcpuroute().
Using preemptdisable/enable is not appropriate here because ip6rtpcpualloc() may sleep.
Fix this by handling the cmpxchg() failure gracefully on PREEMPTRT: free our allocation and return the existing pcpurt installed by another task. The BUGON is replaced by WARNONONCE for non-PREEMPTRT kernels where such races should not occur.
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/71xxx/CVE-2025-71080.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/stable/c/1adaea51c61b52e24e7ab38f7d3eba023b2d050d
- https://git.kernel.org/stable/c/1dc33ad0867325f8d2c6d7b2a6f542d4f3121f66
- https://git.kernel.org/stable/c/787515ccb2292f82eb0876993129154629a49651
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/71xxx/CVE-2025-71080.json
- https://nvd.nist.gov/vuln/detail/CVE-2025-71080
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git