PT-2025-8880 · Linux+5 · Linux Kernel+5

Published

2025-01-29

·

Updated

2026-05-26

·

CVE-2025-21768

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description A issue in the Linux kernel has been identified, specifically in the ipv6 component, where certain lwtunnels (such as rpl, seg6, and ioam6) have a dst cache for post-transformation dst. This can lead to a situation where a packet's destination does not change, resulting in a reference to the lwtunnel being recorded in its own cache, causing the lwtunnel state to never be freed. This issue was discovered by the ioam6.sh test.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Leak

Weakness Enumeration

CWE-401

Related Identifiers

AZL-62544
AZL-68979
BDU:2026-03118
CVE-2025-21768
ECHO-9E50-BD1A-E26E
OPENSUSE-SU-2025_01614-1
OPENSUSE-SU-2025_01707-1
SUSE-SU-2025:01600-1
SUSE-SU-2025:01614-1
SUSE-SU-2025:01707-1
SUSE-SU-2025:01919-1
SUSE-SU-2025:01951-1
SUSE-SU-2025:01964-1
SUSE-SU-2025:01967-1
SUSE-SU-2025:01972-1
SUSE-SU-2025:20343-1
SUSE-SU-2025:20344-1
SUSE-SU-2025:20354-1
SUSE-SU-2025:20355-1
SUSE-SU-2025_01600-1
SUSE-SU-2025_01614-1
SUSE-SU-2025_01707-1
SUSE-SU-2025_01951-1
SUSE-SU-2025_01964-1
SUSE-SU-2025_01967-1
SUSE-SU-2025_01972-1
USN-7521-1
USN-7521-2
USN-7521-3
USN-7703-1
USN-7703-2
USN-7703-3
USN-7703-4
USN-7719-1
USN-7737-1

Affected Products

Astra Linux
Debian
Linuxmint
Linux Kernel
Suse
Ubuntu