Description
In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU in ip6_output() Use RCU in ip6_output() in order to use dst_dev_rcu() to prevent possible UAF. We can remove rcu_read_lock()/rcu_read_unlock() pairs from ip6_finish_output2().
References (2)
Core 2
Scores
EPSS
0.0021
EPSS Percentile
11.5%
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
Status
published
Products (7)
linux/Kernel
4.13.0 - 6.17.3linux
Linux/Linux
< 4.13
Linux/Linux
4.13
Linux/Linux
4a6ce2b6f2ecabbddcfe47e7cf61dd0f00b10e36 - 0393f85c3241c19ba8550f04a812e7d19f6b3082
Linux/Linux
4a6ce2b6f2ecabbddcfe47e7cf61dd0f00b10e36 - 11709573cc4e48dc34c80fc7ab9ce5b159e29695
Linux/Linux
6.17.3 - 6.17.*
Linux/Linux
6.18
Published
Nov 12, 2025
Tracked Since
Feb 18, 2026