kernel: ipv6: use RCU in ip6_output()

A use-after-free flaw was found in ip6finishoutput2 in net/ipv6/ip6output.c in ipv6 access. This flaw could allow an attacker to crash the system at device disconnect. This vulnerability could even lead to a kernel information leak problem...

CVE-2025-40158

In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU in ip6output Use RCU in ip6output in order to use dstdevrcu to prevent possible UAF. We can remove rcureadlock/rcureadunlock pairs from ip6finishoutput2...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from ip6output not using RCU to protect dstdevrcu access, which could lead to reuse after release...

kernel: ipv6: prevent NULL dereference in ip6_output()

In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent NULL dereference in ip6output According to syzbot, there is a chance that ip6dstidev returns NULL in ip6output. Most places in IPv6 stack deal with a NULL idev just fine, but not here. syzbot reported: general...

AZL-42444 CVE-2024-36901 affecting package kernel for versions less than 6.6.35.1-4

In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent NULL dereference in ip6output According to syzbot, there is a chance that ip6dstidev returns NULL in ip6output. Most places in IPv6 stack deal with a NULL idev just fine, but not here. syzbot reported: general...