A flaw was found in the Linux kernels IPV6 subsystem. Route reference count usage error in the fib6_rule_suppress() function in the fib6 suppression feature of net/ipv6/fib6_rules.c. A local attacker with the ability to trigger packets being sent over a specific route that implements suppress_prefixlength.
The suppress_prefixlength routes are not standard and require administrative access to insert.
Created kernel tracking bugs for this issue:
Affects: fedora-all [bug 1771487]
This was fixed for Fedora with the 5.3.4 stable kernel updates.
As the IPV6 module will be auto-loaded when required, its use can be disabled by preventing the module from loading with the following instructions:
If the system requires IPV6 to work correctly, this mitigation may not be suitable.
If you need further assistance, see KCS article https://access.redhat.com/solutions/41278 or contact Red Hat Global Support Services.
This flaw is rated as moderate as setting up the condition requires CAP_NET_ADMIN privileges which are not available to regular users.