About the negative_advice() statement in the RHEL8.10 Release Notes

Solution Unverified - Updated

Environment

  • Red Hat Enterprise Linux 8.10
  • kernel-4.18.0-553.16.1.el8_10 or later

Issue

Outdated third-party modules which use the negative_advice() function can crash the kernel
The core networking operation negative_advice() calls the inline dst_negative_advice() and __dst_negative_advice() functions. The kernel in RHEL 8.10 patched a security issue (CVE-2024-36971) in these inline functions. If a third-party module was compiled before the fix, this module might call negative_advice() incorrectly. Consequently, the third-party module can crash the kernel. To solve this problem, use an updated module that correctly calls the negative_advice() function.

Resolution

This fix required an ABI change to the negative_advice() routing function pointer.

Before this change, the function pointer took one argument, a pointer to dst_entry, and returned a pointer to dst_entry:

  • struct dst_entry *(*negative_advice)(struct dst_entry *) - old API

After this change, the function pointer takes two arguments, a pointer to a sock and a pointer to dst_entry, in that order, and does not return anything:

  • void (*negative_advice)(struct sock *sk, struct dst_entry *) - new API

If any code is built with the old ABI for the negative_advice() dst ops function pointer, then on kernels with this change it calls the function pointer with the incorrect ABI, which might lead to system errors, including a kernel panic.

This does not change the function signatures of:

  • __dst_negative_advice(struct sock *sk) - API unchanged
  • dst_negative_advice(struct sock *sk) - API unchanged

The same change is made to the function signatures of (new API shown):

  • static void ipv4_negative_advice(struct sock *sk, struct dst_entry *dst) - new API
  • static void ip6_negative_advice(struct sock *sk, struct dst_entry *dst) - new API
  • static void xfrm_negative_advice(struct sock *sk, struct dst_entry *dst) - new API
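
One way to find modules that predate the ABI change is to compare the kernel release each out-of-tree module was built for against the fixed build named in the Environment section. The script below is an added example, not Red Hat tooling; the module names in the sample are hypothetical, and a flagged module is only a candidate for review, since only code that uses the negative_advice() pointer is affected.

```sh
#!/bin/sh
# Added example. FIXED_REL is taken from the page (kernel-4.18.0-553.16.1.el8_10).
FIXED_REL="553.16.1"

# "4.18.0-513.24.1.el8_9.x86_64" -> "513.24.1"; prints nothing for non-RHEL 8 kernels.
el8_release() {
    case "$1" in
        4.18.0-*.el8*) r=${1#4.18.0-}; printf '%s\n' "${r%%.el8*}" ;;
    esac
}

# Exit 0 if the kernel release is older than the fixed build, 1 if not, 2 if unparsable.
built_before_fix() {
    rel=$(el8_release "$1")
    [ -n "$rel" ] || return 2
    [ "$rel" != "$FIXED_REL" ] || return 1
    # sort -V orders dotted numbers numerically (553.5.1 before 553.16.1).
    oldest=$(printf '%s\n%s\n' "$rel" "$FIXED_REL" | sort -V | head -n 1)
    [ "$oldest" = "$rel" ]
}

# Reads "module kernel-release" pairs on stdin and prints the ones to review.
flag_stale_modules() {
    while read -r mod kver _; do
        if built_before_fix "$kver"; then
            printf '%s: built for %s, before the negative_advice() ABI change\n' "$mod" "$kver"
        fi
    done
}

# Live input: loaded modules without an "intree" modinfo field (out-of-tree builds).
loaded_out_of_tree() {
    while read -r mod _; do
        [ -z "$(modinfo -F intree "$mod" 2>/dev/null)" ] || continue
        printf '%s %s\n' "$mod" "$(modinfo -F vermagic "$mod" 2>/dev/null | cut -d' ' -f1)"
    done < /proc/modules
}

# Constructed sample (hypothetical module names); on a real host run:
#   loaded_out_of_tree | flag_stale_modules
flag_stale_modules <<'EOF'
vendor_fs 4.18.0-513.24.1.el8_9.x86_64
vendor_net 4.18.0-553.5.1.el8_10.x86_64
vendor_hba 4.18.0-553.16.1.el8_10.x86_64
vendor_gpu 4.18.0-553.22.1.el8_10.x86_64
EOF
```

The release comparison relies on GNU sort -V and only understands RHEL 8 kernel release strings.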

Root Cause

Fixing CVE-2024-36971 required a breaking change to the kernel API and ABI.
