CVE-2026-53006

Summary

In the Linux kernel, the following vulnerability has been resolved:

ipv6: fix possible UAF in icmpv6_rcv()

Caching saddr and daddr before pskb_pull() is problematic since skb->head can change.

Remove these temporary variables:

  • We only access &ipv6_hdr(skb)->saddr and &ipv6_hdr(skb)->daddr when net_dbg_ratelimited() is called in the slow path.

  • Avoid potential future misuse after pskb_pull() call.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux4b3418fba0fe819197e3359d5ddbef84ba2c59de < 7bff2c8fe5c35ae58bf73104f53db3676e6e5d94affected
LinuxLinux4b3418fba0fe819197e3359d5ddbef84ba2c59de < aff0f28f5be803de2452ce702631c021fcd9ce8aaffected
LinuxLinux4b3418fba0fe819197e3359d5ddbef84ba2c59de < 38bdbc897c0d83a3e2b925a51b69420f1feba29aaffected
LinuxLinux4b3418fba0fe819197e3359d5ddbef84ba2c59de < 0069813e6ca9309eca78022bcb3aeb1e9ef90a12affected
LinuxLinux4b3418fba0fe819197e3359d5ddbef84ba2c59de < 1e1f0f89ee4692a64be3f3707ff8ac1ae57b03e7affected
LinuxLinux4b3418fba0fe819197e3359d5ddbef84ba2c59de < 7c66b368c6ff453f99cb39d84af93e908e51eef2affected
LinuxLinux4b3418fba0fe819197e3359d5ddbef84ba2c59de < 085e31a811ef234ef8c3e219c4636dfebfe7e10faffected
LinuxLinux4b3418fba0fe819197e3359d5ddbef84ba2c59de < f996edd7615e686ada141b7f3395025729ff8ccbaffected
LinuxLinux4.4affected
LinuxLinux0 < 4.4unaffected
LinuxLinux5.10.258 <= 5.10.*unaffected
LinuxLinux5.15.209 <= 5.15.*unaffected
LinuxLinux6.1.175 <= 6.1.*unaffected
LinuxLinux6.6.141 <= 6.6.*unaffected
LinuxLinux6.12.91 <= 6.12.*unaffected
LinuxLinux6.18.33 <= 6.18.*unaffected
LinuxLinux7.0.10 <= 7.0.*unaffected
LinuxLinux7.1 <= *unaffected

Weaknesses

ADP Enrichment

kernel: ipv6: fix possible UAF in icmpv6_rcv()

Additional References

References