CVE-2025-38588
BaseFortify
Publication date: 2025-08-19
Last updated on: 2025-11-03
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | 6.1.153 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in the Linux kernel involves an infinite loop occurring in the function rt6_nlmsg_size(). The issue arises because the functions fib6_del_route() and fib6_add_rt2node() use list_del_rcu(), which can cause confusion for RCU (Read-Copy-Update) readers. Specifically, the readers might no longer see the head of the list, leading to an infinite loop when iterating over the list of IPv6 routing siblings. The fix involves restarting the loop if the number of siblings (f6i->fib6_nsiblings) is zero to prevent the infinite loop.
How can this vulnerability impact me? :
This vulnerability can cause the Linux kernel to enter an infinite loop when processing IPv6 routing information, potentially leading to system hangs or denial of service conditions. This can degrade system stability and availability, impacting any services or applications relying on the affected kernel's networking stack.
What immediate steps should I take to mitigate this vulnerability?
Apply the patch that resolves the infinite loop in the Linux kernel's rt6_nlmsg_size() function. This involves updating the Linux kernel to a version that includes the fix preventing the infinite loop caused by list_del_rcu() confusion in IPv6 routing code.