{"uuid": "a045d18f-0e2a-4159-9fa7-70a397ac56b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22005", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10178", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-22005\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw().\n\nfib_check_nh_v6_gw() expects that fib6_nh_init() cleans up everything\nwhen it fails.\n\nCommit 7dd73168e273 (\"ipv6: Always allocate pcpu memory in a fib6_nh\")\nmoved fib_nh_common_init() before alloc_percpu_gfp() within fib6_nh_init()\nbut forgot to add cleanup for fib6_nh->nh_common.nhc_pcpu_rth_output in\ncase it fails to allocate fib6_nh->rt6i_pcpu, resulting in memleak.\n\nLet's call fib_nh_common_release() and clear nhc_pcpu_rth_output in the\nerror path.\n\nNote that we can remove the fib6_nh_release() call in nh_create_ipv6()\nlater in net-next.git.\n\ud83d\udccf Published: 2025-04-03T07:19:06.716Z\n\ud83d\udccf Modified: 2025-04-03T07:19:06.716Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/77c41cdbe6bce476e08d3251c0d501feaf10a9f3\n2. https://git.kernel.org/stable/c/119dcafe36795a15ae53351cbbd6177aaf94ffef\n3. https://git.kernel.org/stable/c/29d91820184d5cbc70f3246d4911d96eaeb930d6\n4. https://git.kernel.org/stable/c/d3d5b4b5ae263c3225db363ba08b937e2e2b0380\n5. https://git.kernel.org/stable/c/9740890ee20e01f99ff1dde84c63dcf089fabb98", "creation_timestamp": "2025-04-03T07:34:09.000000Z"}