Linux Kernel IPv6 Flowlabel RCU Race Condition Vulnerability

Vulnerability

A vulnerability in the Linux kernel's handling of IPv6 flowlabels can lead to a use-after-free error, causing a crash. This issue arises because exclusive flowlabels are freed too early, while the associated flowlabel structure remains in the global hash table. A concurrent reader can then access freed memory, triggering a crash. The vulnerability affects the Linux kernel stable tree.

Impact

Exploitation of this vulnerability causes a kernel crash, disrupting system operations.

Reproduction

The vulnerability can be reproduced by creating exclusive flowlabels in the Linux kernel's IPv6 implementation. Once the flowlabel is no longer in use, it is freed, but the associated structure remains in the global hash table. A concurrent read operation can then access the freed memory, causing a crash.

Remediation

The vulnerability has been addressed in the Linux kernel. Users should upgrade to the latest version.
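
The lifetime rule behind the race described above, as an added userspace model that is not kernel code and not the upstream fix: memory reachable from a table that lock-free readers walk may be freed only after the entry is unlinked and in-flight readers have finished. All names (`entry`, `payload`, `release_early`, `release_deferred`, `gc_unlink`, `teardown`, `replay`) are hypothetical, and a `freed` flag stands in for the actual free.

```c
#include <stdbool.h>
#include <stddef.h>

/* Userspace model, hypothetical names, not kernel code. 'freed' stands in for
 * kfree() so a stale access is observable without real undefined behaviour. */
struct payload { int len; bool freed; };
struct entry { struct payload *data; int users; bool linked, pending; };

static int readers;  /* readers currently inside a read-side section */
static struct entry *lookup(struct entry *e) { return e->linked ? e : NULL; }
/* Returns the payload length, or -1 if the reader touched freed memory. */
static int deref(const struct entry *e) { return e->data->freed ? -1 : e->data->len; }

/* Buggy order: the last user frees the payload while the entry stays linked. */
static void release_early(struct entry *e) { if (--e->users == 0) e->data->freed = true; }
/* Fixed order, step 1: the last user only drops its reference. */
static void release_deferred(struct entry *e) { --e->users; }

/* Step 2: garbage collection unlinks the unused entry and queues teardown. */
static void gc_unlink(struct entry *e)
{
    if (e->users == 0 && e->linked) { e->linked = false; e->pending = true; }
}

/* Step 3: teardown (models the deferred callback) waits for readers to leave. */
static bool teardown(struct entry *e)
{
    if (!e->pending || readers > 0) return false;  /* grace period not over */
    e->data->freed = true;
    e->pending = false;
    return true;
}

/* One interleaving: reader A holds the entry before release, B looks up after. */
static int replay(bool fixed)
{
    struct payload p = { 8, false };
    struct entry e = { &p, 1, true, false };
    readers++;
    struct entry *early = lookup(&e);
    if (fixed) { release_deferred(&e); gc_unlink(&e); teardown(&e); }
    else release_early(&e);
    struct entry *late = lookup(&e);
    int a = deref(early), b = late ? deref(late) : 0;
    readers--;
    return (a < 0 || b < 0) ? -1 : a;
}

int main(void) { return (replay(false) == -1 && replay(true) == 8) ? 0 : 1; }
```

In the early-free ordering both readers reach data that has already been released; in the deferred ordering the late reader no longer finds the entry and the early reader still sees valid data because teardown waits for it.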

Added: Apr 25, 2026, 9:21 AM
Updated: Apr 25, 2026, 9:21 AM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 3.9
remediation: 7.7
relevance: 6.7
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.