CVE-2026-45917
Awaiting Analysis - Queue
ipvs Dest Reference Leak in Linux Kernel

Publication date: 2026-05-27

Last updated on: 2026-05-27

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved:

ipvs: do not keep dest_dst if dev is going down

There is a race between the netdev notifier ip_vs_dst_event() and the code that caches dst with dev that is going down. As the FIB can be notified for the closed device after our handler finishes, it is possible for a valid route to be returned and cached, resulting in a leaked dev reference until the dest is not removed.

To prevent new dest_dst to be attached to dest just after the handler dropped the old one, add a netif_running() check to make sure the notifier handler is not currently running for device that is closing.

Meta Information
Published: 2026-05-27
Last Modified: 2026-05-27
Generated: 2026-06-16
AI Q&A: 2026-05-27
EPSS Evaluated: 2026-06-15

Affected Vendors & Products
Showing 1 associated CPE
Vendor | Product | Version / Range
linux | linux_kernel | *

CWE ID: CWE-UNKNOWN

Executive Summary

This vulnerability exists in the Linux kernel's IP Virtual Server (ipvs) component. It is a race between the netdev notifier ip_vs_dst_event() and the code that caches destination routes (dst) for network devices (dev) that are going down. Because the Forwarding Information Base (FIB) can be notified about the closed device after the ipvs handler has finished, a route lookup can still return a valid route, which is then cached. The cached route holds a reference to the closing device, and that reference is leaked for as long as the cached entry stays attached to the dest. The fix adds a netif_running() check so that no new dest_dst is attached to a dest just after the handler has dropped the old one for a device that is closing.
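
The interleaving described above, replayed as a single-threaded user-space model. This is an added example, not kernel code or the upstream patch; every struct and function name in it is hypothetical, and the `fixed` flag stands in for the netif_running() check.

```c
#include <stdbool.h>
#include <stdio.h>

/* Simplified model: all struct and function names here are hypothetical. */
struct net_dev { int refcnt; bool running; };
struct dest { struct net_dev *cached_dev; }; /* stands in for dest_dst */

/* Notifier side: the device is going down, drop the cached route once. */
static void notifier_dev_down(struct dest *dest, struct net_dev *dev)
{
    dev->running = false;
    if (dest->cached_dev == dev) {
        dev->refcnt--;
        dest->cached_dev = NULL;
    }
}

/* Transmit side: the lookup still succeeds because the FIB has not yet
 * processed the event. The fixed variant refuses to cache in that case. */
static bool cache_route(struct dest *dest, struct net_dev *dev, bool fixed)
{
    dev->refcnt++;                      /* route returned by lookup pins dev */
    if (fixed && !dev->running) {       /* models the netif_running() check */
        dev->refcnt--;                  /* release instead of caching */
        return false;
    }
    dest->cached_dev = dev;
    return true;
}

/* Replays: cache, device down, late lookup. Returns the references still
 * held through the dest after the notifier has already run. */
static int leaked_refs(bool fixed)
{
    struct net_dev dev = { .refcnt = 1, .running = true }; /* 1 = base ref */
    struct dest dest = { .cached_dev = NULL };

    cache_route(&dest, &dev, fixed);    /* normal traffic caches the route */
    notifier_dev_down(&dest, &dev);     /* handler drops the cached entry */
    cache_route(&dest, &dev, fixed);    /* lookup racing in after handler */
    return dev.refcnt - 1;
}

int main(void)
{
    printf("without check: %d leaked, with check: %d leaked\n",
           leaked_refs(false), leaked_refs(true));
    return 0;
}
```

In the model, the reference taken by the late lookup has no one left to release it, because the notifier has already run; only removing the dest would drop it.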

Impact Analysis

This vulnerability can lead to a leaked reference to a network device that is shutting down. Such a leak may cause resource management issues within the kernel, potentially leading to instability or unexpected behavior in network routing. While the description does not specify direct security impacts such as privilege escalation or denial of service, the improper caching of routes could affect network reliability or performance.

Mitigation Strategies

The vulnerability has been resolved in the Linux kernel by adding a netif_running() check to ensure the notifier handler is not running for a device that is closing. The immediate mitigation is therefore to update the Linux kernel to a version that includes this fix.
