{"id":"CVE-2025-38587","summary":"ipv6: fix possible infinite loop in fib6_info_uses_dev()","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: fix possible infinite loop in fib6_info_uses_dev()\n\nfib6_info_uses_dev() seems to rely on RCU without an explicit\nprotection.\n\nLike the prior fix in rt6_nlmsg_size(),\nwe need to make sure fib6_del_route() or fib6_add_rt2node()\nhave not removed the anchor from the list, or we risk an infinite loop.","modified":"2026-03-20T12:42:56.130380Z","published":"2025-08-19T17:03:08.924Z","related":["MGASA-2025-0234","MGASA-2025-0235","SUSE-SU-2025:03272-1","SUSE-SU-2025:03290-1","SUSE-SU-2025:03301-1","SUSE-SU-2025:03382-1","SUSE-SU-2025:03602-1","SUSE-SU-2025:03633-1","SUSE-SU-2025:03634-1","SUSE-SU-2025:20653-1","SUSE-SU-2025:20669-1","SUSE-SU-2025:20739-1","SUSE-SU-2025:20756-1","SUSE-SU-2025:21074-1","SUSE-SU-2025:21139-1","SUSE-SU-2025:21179-1","openSUSE-SU-2025:20081-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38587.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/16d21816c0918f8058b5fc14cbe8595d62046e2d"},{"type":"WEB","url":"https://git.kernel.org/stable/c/9cb6de8ee144a94ae7a40bdb32560329ab7276f0"},{"type":"WEB","url":"https://git.kernel.org/stable/c/bc85e62394f008fa848c4ba02c936c735a3e8ef5"},{"type":"WEB","url":"https://git.kernel.org/stable/c/db65739d406c72776fbdbbc334be827ef05880d2"},{"type":"WEB","url":"https://git.kernel.org/stable/c/e09be457b71b983a085312ff9e981f51e4ed3211"},{"type":"WEB","url":"https://git.kernel.org/stable/c/f8d8ce1b515a0a6af72b30502670a406cfb75073"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/38xxx/CVE-2025-38587.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-38587"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"d0ec61c9f3583b76aebdbb271f5c0d3fcccd48b2"},{"fixed":"bc85e62394f008fa848c4ba02c936c735a3e8ef5"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"52da02521ede55fb86546c3fffd9377b3261b91f"},{"fixed":"9cb6de8ee144a94ae7a40bdb32560329ab7276f0"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"34a949e7a0869dfa31a40416d2a56973fae1807b"},{"fixed":"db65739d406c72776fbdbbc334be827ef05880d2"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"d9ccb18f83ea2bb654289b6ecf014fd267cc988b"},{"fixed":"16d21816c0918f8058b5fc14cbe8595d62046e2d"},{"fixed":"e09be457b71b983a085312ff9e981f51e4ed3211"},{"fixed":"f8d8ce1b515a0a6af72b30502670a406cfb75073"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0"},{"last_affected":"11edcd026012ac18acee0f1514db3ed1b160fc6f"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-38587.json"}}],"schema_version":"1.7.5"}