CVE-2025-38587 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix possible infinite loop in fib6_info_uses_dev() fib6_info_uses_dev() seems to rely on RCU without an explicit protection. Like the prior fix in rt6_nlmsg_size(), we need to make sure fib6_del_route() or fib6_add_rt2node() have not removed the anchor from the list, or we risk an infinite loop.

PUBLISHED Reserved 2025-04-16 | Published 2025-08-19 | Updated 2025-09-29 | Assigner Linux

Product status

Default status

unaffected

d0ec61c9f3583b76aebdbb271f5c0d3fcccd48b2 before bc85e62394f008fa848c4ba02c936c735a3e8ef5

affected

52da02521ede55fb86546c3fffd9377b3261b91f before 9cb6de8ee144a94ae7a40bdb32560329ab7276f0

affected

34a949e7a0869dfa31a40416d2a56973fae1807b before db65739d406c72776fbdbbc334be827ef05880d2

affected

d9ccb18f83ea2bb654289b6ecf014fd267cc988b before 16d21816c0918f8058b5fc14cbe8595d62046e2d

affected

d9ccb18f83ea2bb654289b6ecf014fd267cc988b before e09be457b71b983a085312ff9e981f51e4ed3211

affected

d9ccb18f83ea2bb654289b6ecf014fd267cc988b before f8d8ce1b515a0a6af72b30502670a406cfb75073

affected

11edcd026012ac18acee0f1514db3ed1b160fc6f

affected

Default status

affected

6.13

affected

Any version before 6.13

unaffected

6.1.148

unaffected

6.6.102

unaffected

6.12.42

unaffected

6.15.10

unaffected

6.16.1

unaffected

6.17

unaffected

References

git.kernel.org/...c/bc85e62394f008fa848c4ba02c936c735a3e8ef5

git.kernel.org/...c/9cb6de8ee144a94ae7a40bdb32560329ab7276f0

git.kernel.org/...c/db65739d406c72776fbdbbc334be827ef05880d2

git.kernel.org/...c/16d21816c0918f8058b5fc14cbe8595d62046e2d

git.kernel.org/...c/e09be457b71b983a085312ff9e981f51e4ed3211

git.kernel.org/...c/f8d8ce1b515a0a6af72b30502670a406cfb75073

cve.org (CVE-2025-38587)

nvd.nist.gov (CVE-2025-38587)

Download JSON

help @ threatint.eu