IPv6 Vulnerability in Linux Kernel Affecting Networking Components
CVE-2025-21757
Summary
A vulnerability in the Linux kernel's IPv6 implementation affects the handling of destination cache references. Specifically, in scenarios involving RPL (Routing Protocol for Low-Power and Lossy Networks), Segment Routing Header (SRH), and Inband OAM over IPv6 (IOAM6) lightweight tunneling, the reference obtained from dst_cache_get() is not properly released, leading to potential memory leaks. This issue was identified through the ioam6.sh test, aided by the recent enhancement of kmemleak to detect per-CPU memory issues. Proper management of references is essential to maintain system stability and security.
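The reference-counting pattern behind this leak, as a user-space C model added here for illustration (it is not kernel code and is not taken from the fix). Every name in it (model_dst, model_cache_get, model_dst_release, output_leaky, output_fixed, freed_after) is a hypothetical stand-in, and it assumes only what the summary states: a cache lookup hands the caller a reference that the caller must release.

```c
#include <stdio.h>

/* User-space model only; every name below is a hypothetical stand-in. */
struct model_dst   { int refcnt; int freed; };
struct model_cache { struct model_dst *dst; };

/* Cache lookup: hands the caller its own reference to the cached entry. */
static struct model_dst *model_cache_get(struct model_cache *c)
{
    if (c->dst)
        c->dst->refcnt++;
    return c->dst;
}

/* Drop one reference; the entry is freed only when the count reaches zero. */
static void model_dst_release(struct model_dst *d)
{
    if (d && --d->refcnt == 0)
        d->freed = 1;
}

/* "Before": takes a reference per packet and never drops it. */
static void output_leaky(struct model_cache *c) { (void)model_cache_get(c); }

/* "After": the same path with the matching release. */
static void output_fixed(struct model_cache *c) { model_dst_release(model_cache_get(c)); }

/* Send n packets down a path, tear the cache down, report whether the entry was freed. */
static int freed_after(void (*path)(struct model_cache *), int n, int *outstanding)
{
    struct model_dst d = { .refcnt = 1, .freed = 0 };  /* the cache's own reference */
    struct model_cache c = { .dst = &d };
    for (int i = 0; i < n; i++)
        path(&c);
    model_dst_release(c.dst);      /* teardown drops the cache's reference */
    *outstanding = d.refcnt;       /* references nobody will ever release */
    return d.freed;
}

int main(void)
{
    int left, freed = freed_after(output_leaky, 1000, &left);
    printf("leaky: freed=%d outstanding=%d\n", freed, left);
    freed = freed_after(output_fixed, 1000, &left);
    printf("fixed: freed=%d outstanding=%d\n", freed, left);
    return 0;
}
```

In the leaky path the count never returns to zero after teardown, so the entry is never freed; that unreleased memory is what a leak detector reports.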
Affected Version(s)
Linux 8471e228448a818e4c27cab4b681b2e758e46cf5 < 2248b8145053eb2ae35ca4cf694b885a086719bb
Linux c432cd18a07b623651ed15ea167bd303467004cc
Linux 985ec6f5e6235242191370628acb73d7a9f0c0ea
Timeline
Vulnerability published
Vulnerability Reserved