Linux Kernel Reference Count Leak Vulnerability in Neighbor Discovery Router Discovery Function

A potential reference count leak vulnerability has been identified in the Linux kernel's Neighbor Discovery Router Discovery function. This issue arises when the function successfully acquires references to both the route and neighbor objects. If the neighbor's lifetime is non-zero but the metric requires adjustment, the function deletes the route and nullifies the route reference. It may then attempt to reacquire the route and neighbor references. However, the function overwrites the neighbor reference without decrementing the reference count of the previous neighbor, leading to a memory leak. The vulnerability has been addressed by ensuring the reference count of the neighbor is properly decremented before overwriting.

Impact

Exploitation of this vulnerability could lead to memory leaks, causing increased memory usage and potential degradation of system performance.