CVE-2026-48715

Summary

radvd is a router advertisement daemon for IPv6. Prior to version 2.21, the radvdump utility shipped with radvd contains a stack buffer overflow in the Route Information option parser. When processing a crafted ICMPv6 Router Advertisement, print_ff() copies up to 2032 bytes from attacker-controlled packet data into a 16-byte struct in6_addr on the stack, overflowing by up to 2016 bytes. Note that the main radvd daemon is not affected by the vulnerability. Version 2.21 patches the issue.

Affected Software

VendorProductVersion RangeStatus
radvd-projectradvdump< 2.21affected

Weaknesses

  • CWE-121: CWE-121: Stack-based Buffer Overflow

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References