PT-2025-34399 · Linux+1 · Linux Kernel+1

Syzbot · Published 2025-07-26 · Updated 2025-08-22 · CVE-2025-38638

CVSS v2.0: 6.0 (Medium)
Vector: AV:L/AC:H/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.16.0-rc7-syzkaller
Description: The Linux kernel contained a flaw in the inet6_rt_notify() function within the IPv6 networking stack. Specifically, the function could be called while under RCU protection, potentially leading to a race condition where a route could change concurrently with the function's execution. This could result in rt6_fill_node() returning an -EMSGSIZE error. The issue was addressed by adding retry logic to resize the skb when this condition occurs, removing a related warning that was triggered by syzbot.
Recommendations: Update to a version newer than 6.16.0-rc7-syzkaller.

Exploit

Fix

Weakness Enumeration: Improper Locking

Related Identifiers

BDU:2026-01554
CVE-2025-38638

Affected Products

Astra Linux
Linux Kernel