CVE-2025-71080

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel’s IPv6 implementation within the rt6 get pcpu route() function when operating under the PREEMPT RT kernel configuration. Specifically, after rt6 get pcpu route() returns NULL, the current task can be preempted, allowing another task on the same CPU to successfully install a pcpu rt entry. Upon resumption, the initial task’s cmpxchg() operation within rt6 make pcpu route() fails, triggering a BUG ON condition. This issue arises due to a race condition where a pcpu rt entry is installed by another task while the first task is preempted. The fix involves gracefully handling the cmpxchg() failure on PREEMPT RT systems by freeing the allocation and returning the existing pcpu rt entry installed by another task. For non-PREEMPT RT kernels, the BUG ON condition is replaced with a WARN ON ONCE, as such races should not occur in those environments.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.