Linux Kernel Vulnerability in IPv6 Tunnel by Linux Foundation
CVE-2025-40173

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
12 November 2025

What is CVE-2025-40173?

A vulnerability has been identified in the Linux kernel's IPv6 tunnel implementation, where the headroom needed for packet processing is not appropriately limited. Unlike the adjustments made for the IPv4 tunnel headroom, which have safeguards in place, the IPv6 tunnel allows for continual growth of headroom without a defined ceiling. This could lead to resource exhaustion and potentially impact network performance. The issue has been resolved in newer kernel versions, and users are urged to update to mitigate these risks. Contributions from Francesco Ruggeri played a key role in identifying and addressing this issue.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 8eb30be0352d09165e94a41fef1c7b994dca0714 < 566f8d5c8a443f2dd69c5460fdec43ed1c870c65

Linux 8eb30be0352d09165e94a41fef1c7b994dca0714 < 11f6066af3bfb8149aa16c42c0b0c5ea5b199a94

Linux 8eb30be0352d09165e94a41fef1c7b994dca0714 < 402b6985e872b4cf394bbbf33b503947a326a6cb

References

https://git.kernel.org/stable/c/566f8d5c8a443f2dd69c5460f...
https://git.kernel.org/stable/c/11f6066af3bfb8149aa16c42c...
https://git.kernel.org/stable/c/402b6985e872b4cf394bbbf33...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.