### [CVE-2019-20422](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20422)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

In the Linux kernel before 5.3.4, fib6_rule_lookup in net/ipv6/ip6_fib.c mishandles the RT6_LOOKUP_F_DST_NOREF flag in a reference-count decision, leading to (for example) a crash that was identified by syzkaller, aka CID-7b09c2d052db.

### POC

#### Reference
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.4

#### Github
No PoCs found on GitHub currently.