CVE-2025-71080

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-71080
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-71080.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-71080
Downstream
Published
2026-01-13T15:34:44.832Z
Modified
2026-02-09T19:36:14.647184Z
Summary
ipv6: fix a BUG in rt6_get_pcpu_route() under PREEMPT_RT
Details

In the Linux kernel, the following vulnerability has been resolved:

ipv6: fix a BUG in rt6getpcpuroute() under PREEMPTRT

On PREEMPTRT kernels, after rt6getpcpuroute() returns NULL, the current task can be preempted. Another task running on the same CPU may then execute rt6makepcpuroute() and successfully install a pcpurt entry. When the first task resumes execution, its cmpxchg() in rt6makepcpuroute() will fail because rt6ipcpu is no longer NULL, triggering the BUGON(prev). It's easy to reproduce it by adding mdelay() after rt6getpcpuroute().

Using preemptdisable/enable is not appropriate here because ip6rtpcpualloc() may sleep.

Fix this by handling the cmpxchg() failure gracefully on PREEMPTRT: free our allocation and return the existing pcpurt installed by another task. The BUGON is replaced by WARNONONCE for non-PREEMPTRT kernels where such races should not occur.

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/71xxx/CVE-2025-71080.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
d2d6422f8bd17c6bb205133e290625a564194496
Fixed
1dc33ad0867325f8d2c6d7b2a6f542d4f3121f66
Fixed
787515ccb2292f82eb0876993129154629a49651
Fixed
1adaea51c61b52e24e7ab38f7d3eba023b2d050d

Affected versions

v6.*
v6.12
v6.12-rc1
v6.12-rc2
v6.12-rc3
v6.12-rc4
v6.12-rc5
v6.12-rc6
v6.12-rc7
v6.12.1
v6.12.10
v6.12.11
v6.12.12
v6.12.13
v6.12.14
v6.12.15
v6.12.16
v6.12.17
v6.12.18
v6.12.19
v6.12.2
v6.12.20
v6.12.21
v6.12.22
v6.12.23
v6.12.24
v6.12.25
v6.12.26
v6.12.27
v6.12.28
v6.12.29
v6.12.3
v6.12.30
v6.12.31
v6.12.32
v6.12.33
v6.12.34
v6.12.35
v6.12.36
v6.12.37
v6.12.38
v6.12.39
v6.12.4
v6.12.40
v6.12.41
v6.12.42
v6.12.43
v6.12.44
v6.12.45
v6.12.46
v6.12.47
v6.12.48
v6.12.49
v6.12.5
v6.12.50
v6.12.51
v6.12.52
v6.12.53
v6.12.54
v6.12.55
v6.12.56
v6.12.57
v6.12.58
v6.12.59
v6.12.6
v6.12.60
v6.12.61
v6.12.62
v6.12.63
v6.12.7
v6.12.8
v6.12.9
v6.13
v6.13-rc1
v6.13-rc2
v6.13-rc3
v6.13-rc4
v6.13-rc5
v6.13-rc6
v6.13-rc7
v6.14
v6.14-rc1
v6.14-rc2
v6.14-rc3
v6.14-rc4
v6.14-rc5
v6.14-rc6
v6.14-rc7
v6.15
v6.15-rc1
v6.15-rc2
v6.15-rc3
v6.15-rc4
v6.15-rc5
v6.15-rc6
v6.15-rc7
v6.16
v6.16-rc1
v6.16-rc2
v6.16-rc3
v6.16-rc4
v6.16-rc5
v6.16-rc6
v6.16-rc7
v6.17
v6.17-rc1
v6.17-rc2
v6.17-rc3
v6.17-rc4
v6.17-rc5
v6.17-rc6
v6.17-rc7
v6.18
v6.18-rc1
v6.18-rc2
v6.18-rc3
v6.18-rc4
v6.18-rc5
v6.18-rc6
v6.18-rc7
v6.18.1
v6.18.2
v6.18.3
v6.19-rc1

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-71080.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.12.0
Fixed
6.12.64
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.18.4

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-71080.json"