CVE-2025-38587

ipv6: fix possible infinite loop in fib6_info_uses_dev()

Severity Score

5.5

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix possible infinite loop in fib6_info_uses_dev() fib6_info_uses_dev() seems to rely on RCU without an explicit
protection. Like the prior fix in rt6_nlmsg_size(),
we need to make sure fib6_del_route() or fib6_add_rt2node()
have not removed the anchor from the list, or we risk an infinite loop.

En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ipv6: corrección de un posible bucle infinito en fib6_info_uses_dev(). fib6_info_uses_dev() parece depender de RCU sin protección explícita. Al igual que la corrección anterior en rt6_nlmsg_size(), debemos asegurarnos de que fib6_del_route() o fib6_add_rt2node() no hayan eliminado el ancla de la lista; de lo contrario, corremos el riesgo de un bucle infinito.

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix possible infinite loop in fib6_info_uses_dev() fib6_info_uses_dev() seems to rely on RCU without an explicit protection. Like the prior fix in rt6_nlmsg_size(), we need to make sure fib6_del_route() or fib6_add_rt2node() have not removed the anchor from the list, or we risk an infinite loop.

It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2025-04-16 CVE Reserved
2025-08-19 CVE Published
2025-10-26 EPSS Updated
2025-11-03 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (11)

URL	Tag	Source
https://git.kernel.org/stable/c/d0ec61c9f3583b76aebdbb271f5c0d3fcccd48b2	Vuln. Introduced
https://git.kernel.org/stable/c/52da02521ede55fb86546c3fffd9377b3261b91f	Vuln. Introduced
https://git.kernel.org/stable/c/34a949e7a0869dfa31a40416d2a56973fae1807b	Vuln. Introduced
https://git.kernel.org/stable/c/d9ccb18f83ea2bb654289b6ecf014fd267cc988b	Vuln. Introduced
https://git.kernel.org/stable/c/11edcd026012ac18acee0f1514db3ed1b160fc6f	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/bc85e62394f008fa848c4ba02c936c735a3e8ef5	2025-08-15
https://git.kernel.org/stable/c/9cb6de8ee144a94ae7a40bdb32560329ab7276f0	2025-08-15
https://git.kernel.org/stable/c/db65739d406c72776fbdbbc334be827ef05880d2	2025-08-15
https://git.kernel.org/stable/c/16d21816c0918f8058b5fc14cbe8595d62046e2d	2025-08-15
https://git.kernel.org/stable/c/e09be457b71b983a085312ff9e981f51e4ed3211	2025-08-15
https://git.kernel.org/stable/c/f8d8ce1b515a0a6af72b30502670a406cfb75073	2025-07-26

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.1.128 < 6.1.148 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.1.128 < 6.1.148"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.6.75 < 6.6.102 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.6.75 < 6.6.102"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.12.2 < 6.12.42 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.12.2 < 6.12.42"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.13 < 6.15.10 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.13 < 6.15.10"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.13 < 6.16.1 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.13 < 6.16.1"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 6.13 < 6.17 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.13 < 6.17"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				6.11.11 Search vendor "Linux" for product "Linux Kernel" and version "6.11.11"		en		Affected