A flaw was found in the Linux kernel's IPv6 subsystem: a route reference count usage error in the fib6_rule_suppress() function in the fib6 suppression feature of net/ipv6/fib6_rules.c. A local attacker with the ability to trigger packets being sent over a specific route that implements suppress_prefixlength. The suppress_prefixlength routes are not standard and require administrative access to insert.

Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ca7a03c4175366a92cee0ccc4fec0038c3266e26
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1771487]
This was fixed for Fedora with the 5.3.4 stable kernel updates.
Mitigation: As the IPv6 module will be auto-loaded when required, its use can be disabled by preventing the module from loading with the following instructions: https://access.redhat.com/solutions/8790

If the system requires IPv6 to work correctly, this mitigation may not be suitable. If you need further assistance, see KCS article https://access.redhat.com/solutions/41278 or contact Red Hat Global Support Services.
Statement: This flaw is rated as moderate, as setting up the condition requires CAP_NET_ADMIN privileges, which are not available to regular users.
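
The precondition described above is an IPv6 policy rule that carries suppress_prefixlength. The following check is an added example, not part of the original bug report or the kernel source. It parses `ip -6 rule show` output and lists such rules; the function names and the sample rule listing are constructed for illustration.

```shell
#!/bin/sh
# Added example: report IPv6 policy rules that use suppress_prefixlength,
# the non-default configuration that fib6_rule_suppress() acts on.

# Reads `ip -6 rule show` output on stdin.
# Prints one line per matching rule: "<priority> <table> <prefixlen>".
find_suppress_rules() {
    awk '
    {
        prio = $1; sub(/:$/, "", prio)      # "32765:" -> "32765"
        table = "-"; plen = ""
        for (i = 2; i < NF; i++) {
            if ($i == "lookup") table = $(i + 1)
            if ($i == "suppress_prefixlength") plen = $(i + 1)
        }
        if (plen != "") print prio, table, plen
    }'
}

# Number of rules on stdin that carry suppress_prefixlength.
count_suppress_rules() {
    find_suppress_rules | wc -l | tr -d ' '
}

# Constructed sample of `ip -6 rule show` output (not from a real host).
SAMPLE_RULES='0:	from all lookup local
32765:	from all lookup main suppress_prefixlength 0
32766:	from all lookup main'

if [ "${1:-}" = "--live" ]; then
    # Inspect the running system (requires iproute2).
    ip -6 rule show | find_suppress_rules
else
    # Offline demonstration on the constructed sample.
    printf '%s\n' "$SAMPLE_RULES" | find_suppress_rules
fi
```

An empty result with `--live` means no IPv6 rule on the host uses suppress_prefixlength; a non-empty result only shows that the precondition is configured, not whether the running kernel contains the fix.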
*** Bug 2014623 has been marked as a duplicate of this bug. ***