Vulnerability: Mishandling of RT6_LOOKUP_F_DST_NOREF Flag in fib6_rule_lookup in Linux Kernel

Vulnerability: Mishandling of RT6_LOOKUP_F_DST_NOREF Flag in fib6_rule_lookup in Linux Kernel

CVE-2019-20422 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

In the Linux kernel before 5.3.4, fib6_rule_lookup in net/ipv6/ip6_fib.c mishandles the RT6_LOOKUP_F_DST_NOREF flag in a reference-count decision, leading to (for example) a crash that was identified by syzkaller, aka CID-7b09c2d052db.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.