CVE-2025-71097 ipv4: Fix reference count leak when using error routes with nexthop objects

In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix reference count leak when using error routes with nexthop objects When a nexthop object is deleted, it is marked as dead and then fibtableflush is called to flush all the routes that are using the dead nexthop. The...

PT-2026-2618

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A reference count leak exists in the IPv4 implementation when using error routes with nexthop objects. Specifically, when a nexthop object is deleted, error routes do not get flushed,...

CVE-2025-68241 ipv4: route: Prevent rt_bind_exception() from rebinding stale fnhe

In the Linux kernel, the following vulnerability has been resolved: ipv4: route: Prevent rtbindexception from rebinding stale fnhe The sit driver's packet transmission path calls: sittunnelxmit - updateorcreatefnhe, which lead to fnheremoveoldest being called to delete entries exceeding...

PT-2025-51654

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the IPv4 routing mechanism related to stale function handle exceptions fnhe. Specifically, the rt bind exception function can rebind to a function...