Improper Handling of Nexthop Groups in Linux Kernel
CVE-2025-39980

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
15 October 2025

What is CVE-2025-39980?

A vulnerability exists in the Linux kernel related to the handling of nexthop groups and FDB nexthops, which can lead to invalid routing configurations. Specifically, the kernel allows changing the type of a nexthop between FDB and non-FDB while it is in a group, leading to potential network path disconnects (NPD). This misconfiguration can result in a NULL pointer dereference, impairing system stability when attempting to route packets to target addresses. The issue has been addressed by preventing changes to FDB status when the nexthop is part of a group.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 38428d68719c454d269cb03b776d8a4b0ad66111

Linux 38428d68719c454d269cb03b776d8a4b0ad66111 < 0e7bfe7a268ccbd7859730c529161cafbf44637c

Linux 38428d68719c454d269cb03b776d8a4b0ad66111

References

https://git.kernel.org/stable/c/e1e87ac0daacd51f522ecd164...
https://git.kernel.org/stable/c/0e7bfe7a268ccbd7859730c52...
https://git.kernel.org/stable/c/ec428fff792b7bd15b248dafc...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.