CVE-2025-38587
published 2025-08-19CVE-2025-38587: In the Linux kernel, the following vulnerability has been resolved: ipv6: fix possible infinite loop in fib6_info_uses_dev() fib6_info_uses_dev() seems to rely…
medium5.5CVSS 3.1
AVLACLPRLUINSUCNINAH
In the Linux kernel, the following vulnerability has been resolved:
ipv6: fix possible infinite loop in fib6_info_uses_dev()
fib6_info_uses_dev() seems to rely on RCU without an explicit
protection.
Like the prior fix in rt6_nlmsg_size(),
we need to make sure fib6_del_route() or fib6_add_rt2node()
have not removed the anchor from the list, or we risk an infinite loop.
Affected
34 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | linux | < linux 6.1.148-1 (bookworm) | linux 6.1.148-1 (bookworm) |
| debian | linux-6.1 | < linux 6.1.148-1 (bookworm) | linux 6.1.148-1 (bookworm) |
| linux | linux | — | — |
| linux | linux | — | — |
| linux | linux | >= 34a949e7a0869dfa31a40416d2a56973fae1807b < db65739d406c72776fbdbbc334be827ef05880d2 | db65739d406c72776fbdbbc334be827ef05880d2 |
| linux | linux | >= 52da02521ede55fb86546c3fffd9377b3261b91f < 9cb6de8ee144a94ae7a40bdb32560329ab7276f0 | 9cb6de8ee144a94ae7a40bdb32560329ab7276f0 |
| linux | linux | >= 6.1.128 < 6.1.148 | 6.1.148 |
| linux | linux | >= 6.11.11 < 6.12 | 6.12 |
| linux | linux | >= 6.12.2 < 6.12.42 | 6.12.42 |
| linux | linux | >= 6.6.75 < 6.6.102 | 6.6.102 |
| linux | linux | >= d0ec61c9f3583b76aebdbb271f5c0d3fcccd48b2 < bc85e62394f008fa848c4ba02c936c735a3e8ef5 | bc85e62394f008fa848c4ba02c936c735a3e8ef5 |
| linux | linux | >= d9ccb18f83ea2bb654289b6ecf014fd267cc988b < 16d21816c0918f8058b5fc14cbe8595d62046e2d | 16d21816c0918f8058b5fc14cbe8595d62046e2d |
| linux | linux | >= d9ccb18f83ea2bb654289b6ecf014fd267cc988b < e09be457b71b983a085312ff9e981f51e4ed3211 | e09be457b71b983a085312ff9e981f51e4ed3211 |
| linux | linux | >= d9ccb18f83ea2bb654289b6ecf014fd267cc988b < f8d8ce1b515a0a6af72b30502670a406cfb75073 | f8d8ce1b515a0a6af72b30502670a406cfb75073 |
| linux | linux_kernel | >= 0 < 6.1.148-1 | 6.1.148-1 |
| linux | linux_kernel | >= 0 < 6.12.43-1 | 6.12.43-1 |
| linux | linux_kernel | >= 0 < 6.16.3-1 | 6.16.3-1 |
| linux | linux_kernel | >= 0 < 6.8.0-100.100 | 6.8.0-100.100 |
| linux | linux_kernel | >= 6.1.128 < 6.1.148 | 6.1.148 |
| linux | linux_kernel | >= 6.11.11 < 6.12 | 6.12 |
| linux | linux_kernel | >= 6.12.2 < 6.12.42 | 6.12.42 |
| linux | linux_kernel | >= 6.13 < 6.15.10 | 6.15.10 |
| linux | linux_kernel | >= 6.16 < 6.16.1 | 6.16.1 |
| linux | linux_kernel | >= 6.6.75 < 6.6.102 | 6.6.102 |
CVSS provenance
nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
osv5.5MEDIUM