Adrian Oliver

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to soft lockups in the Linux kernel's IPv6 route handling, specifically in the `fib6 select path` function. This occurs when the nodes of the linked list are unexpectedly deleted concurrently on a different core, resulting in an infinite loop and a soft lockup that triggers a system panic via the watchdog timer. The problem arises in a highly dynamic environment where Linux-based edge routers continuously update BGP-advertised routes due to frequently changing nexthop destinations. To resolve the issue, RCU primitives are applied in the problematic code sections, and references to `fib6 siblings` are updated to annotate or use the RCU APIs. **Recommendations** Apply RCU primitives in the problematic code sections to resolve the issue. Update the references to `fib6 siblings` to annotate or use the RCU APIs. As a temporary workaround, consider disabling the `fib6 select path` function until a patch is available. Restrict access to the vulnerable `fib6 select path` function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.