Linux Kernel IPv6 Device Removal Vulnerability
CVE-2024-56751
Summary
A vulnerability in the Linux kernel pertains to the IPv6 subsystem, where improper handling of nexthop references occurs during device removal. This flaw can lead to hangs at the time of device cleanup, specifically when unregistering a network device under load. The vulnerability manifests when the kernel continues referencing a nexthop even after the associated device is set for removal, ultimately impacting overall network performance. Explicit management of the routing information base is necessary to ensure that connections are appropriately severed, preventing the persistent state from causing system instability. The resolution focuses on ensuring that referencing is adequately tracked and released during device disengagement, which is crucial for maintaining the integrity of the networking stack.
Affected Version(s)
Linux f88d8ea67fbdbac7a64bfa6ed9a2ba27bb822f74
Linux f88d8ea67fbdbac7a64bfa6ed9a2ba27bb822f74 < 43e25adc80269f917d2a195f0d59f74cdd182955
Linux f88d8ea67fbdbac7a64bfa6ed9a2ba27bb822f74
References
Timeline
Vulnerability published
Vulnerability Reserved