From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. Vulnerability Description: - Title: ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference - Description: Gwangun Jung reported a slab-out-of-bounds access issue in the function. This occurs when attempting to delete a multipath route while contains an nh (next hop) reference. 2. Fixes Applied: - Code Fix: The function was fixed to return when the configured multipath route includes a multipath specification, even if uses a nexthop object. - Related Patches Fixed: - 493ced1ac7c ("ipv4: Allow routes to use nexthop objects") - 6bf92d70e690 ("net: ipv4: fix route with nexthop object delete warning") 3. Reporting and Review: - Reporter: Gwangun Jung - Fixer: David Ahern - Reviewer: Ido Schimmel - Tester: Ido Schimmel - Stable Dependency: d5082d386eee ("ipv4: Fix route deletion when nexthop info is not specified") 4. Code Changes: - Files Modified: and - Changes Made: The logic in the function was corrected to properly handle nexthop objects. 5. Patch Status: - Status: Fixed and merged into the kernel. This information indicates that the vulnerability has been identified and resolved. The fix involved modifying the logic of the relevant function to correctly handle nexthop objects.