CVE-2026-53006

Description

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix possible UAF in icmpv6_rcv() Caching saddr and daddr before pskb_pull() is problematic since skb->head can change. Remove these temporary variables: - We only access &ipv6_hdr(skb)->saddr and &ipv6_hdr(skb)->daddr when net_dbg_ratelimited() is called in the slow path. - Avoid potential future misuse after pskb_pull() call.

CVSS breakdown

CVSS 3.1

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected products

Linux / Linux4b3418fba0fe819197e3359d5ddbef84ba2c59de – 7bff2c8fe5c35ae58bf73104f53db3676e6e5d94
Linux / Linux4b3418fba0fe819197e3359d5ddbef84ba2c59de – aff0f28f5be803de2452ce702631c021fcd9ce8a
Linux / Linux4b3418fba0fe819197e3359d5ddbef84ba2c59de – 38bdbc897c0d83a3e2b925a51b69420f1feba29a
Linux / Linux4b3418fba0fe819197e3359d5ddbef84ba2c59de – 0069813e6ca9309eca78022bcb3aeb1e9ef90a12
Linux / Linux4b3418fba0fe819197e3359d5ddbef84ba2c59de – 1e1f0f89ee4692a64be3f3707ff8ac1ae57b03e7
Linux / Linux4b3418fba0fe819197e3359d5ddbef84ba2c59de – 7c66b368c6ff453f99cb39d84af93e908e51eef2
Linux / Linux4b3418fba0fe819197e3359d5ddbef84ba2c59de – 085e31a811ef234ef8c3e219c4636dfebfe7e10f
Linux / Linux4b3418fba0fe819197e3359d5ddbef84ba2c59de – f996edd7615e686ada141b7f3395025729ff8ccb
Linux / Linux4.4 – 4.4
Linux / Linux0 – 4.4
Linux / Linux5.10.258 – 5.10.*
Linux / Linux5.15.209 – 5.15.*
Linux / Linux6.1.175 – 6.1.*
Linux / Linux6.6.141 – 6.6.*
Linux / Linux6.12.91 – 6.12.*
Linux / Linux6.18.33 – 6.18.*
Linux / Linux7.0.10 – 7.0.*
Linux / Linux7.1 – *

Description

CVSS breakdown

Affected products

References