CVE-2024-56703
📋 TL;DR
A race condition in the Linux kernel's IPv6 routing subsystem can cause soft lockups and system panics when routers experience high next-hop churn in dynamic environments. This affects Linux-based routers and servers handling significant IPv6 traffic with frequent routing updates, particularly those using BGP routing protocols.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Complete system lockup requiring reboot, causing network outage and service disruption for all traffic passing through affected routers.
Likely Case
Intermittent soft lockups during periods of high routing table churn, leading to packet loss, increased latency, and potential watchdog-triggered reboots.
If Mitigated
With proper kernel patching, no impact beyond normal routing performance during high churn scenarios.
🎯 Exploit Status
The provided test script demonstrates reliable reproduction under specific conditions (high routing churn + traffic load), but exploitation requires control over routing updates and traffic patterns.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Check specific kernel version from stable commits: 11edcd026012ac18acee0f1514db3ed1b160fc6f, 34a949e7a0869dfa31a40416d2a56973fae1807b, 52da02521ede55fb86546c3fffd9377b3261b91f, d0ec61c9f3583b76aebdbb271f5c0d3fcccd48b2, d9ccb18f83ea2bb654289b6ecf014fd267cc988b
Vendor Advisory: https://git.kernel.org/stable/c/11edcd026012ac18acee0f1514db3ed1b160fc6f
Restart Required: Yes
Instructions:
1. Identify current kernel version. 2. Apply appropriate kernel patch from stable tree. 3. Rebuild kernel if using custom kernel. 4. Reboot system with patched kernel.
🔧 Temporary Workarounds
Reduce routing table churn
linuxConfigure BGP/routing daemons to reduce frequency of route updates and implement route dampening
# Configure BGP dampening in bird (example)
protocol bgp {
dampening on;
dampening half life 15;
dampening suppress 2000;
dampening reuse 750;
dampening max suppress time 60;
}
Disable IPv6 multipath routing
linuxIf multipath routing is not required, disable it to avoid the vulnerable code path
sysctl -w net.ipv6.fib_multipath=0
🧯 If You Can't Patch
- Implement aggressive BGP route dampening to minimize routing table churn
- Monitor systems for soft lockups and implement automated recovery procedures
🔍 How to Verify
Check if Vulnerable:
Check kernel version and if experiencing soft lockups during high IPv6 routing churn with watchdog panics showing fib6_select_path in stack traceCheck Version:
uname -rVerify Fix Applied:
Apply kernel patch and test with high routing churn + traffic load; monitor for soft lockups📡 Detection & Monitoring
Log Indicators:
- Watchdog timeout messages
- Kernel panic with fib6_select_path in stack trace
- Soft lockup detected messages
Network Indicators:
- Increased packet loss on IPv6 routes
- Routing protocol flaps
- Unusual latency spikes
SIEM Query:
event_source="kernel" AND (message="soft lockup" OR message="watchdog" OR message="BUG") AND message CONTAINS "fib6_select_path"🔗 References
- https://git.kernel.org/stable/c/11edcd026012ac18acee0f1514db3ed1b160fc6f
- https://git.kernel.org/stable/c/34a949e7a0869dfa31a40416d2a56973fae1807b
- https://git.kernel.org/stable/c/52da02521ede55fb86546c3fffd9377b3261b91f
- https://git.kernel.org/stable/c/d0ec61c9f3583b76aebdbb271f5c0d3fcccd48b2
- https://git.kernel.org/stable/c/d9ccb18f83ea2bb654289b6ecf014fd267cc988b
- https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html
