9.8
CVE-2026-53006
- EPSS 0.38%
- Veröffentlicht 24.06.2026 16:29:17
- Zuletzt bearbeitet 10.07.2026 19:24:19
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
ipv6: fix possible UAF in icmpv6_rcv()
In the Linux kernel, the following vulnerability has been resolved: ipv6: fix possible UAF in icmpv6_rcv() Caching saddr and daddr before pskb_pull() is problematic since skb->head can change. Remove these temporary variables: - We only access &ipv6_hdr(skb)->saddr and &ipv6_hdr(skb)->daddr when net_dbg_ratelimited() is called in the slow path. - Avoid potential future misuse after pskb_pull() call.
Daten sind bereitgestellt durch das CVE Programm von Authorized Data Publishers (ADP) (Unstrukturiert)
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 10
Default Statusaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 8
Default Statusaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 9
Default Statusaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 6
Default Statusunaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 7
Default Statusunaffected
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.38% | 0.295 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | 7 | 1 | 5.9 |
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-825 Expired Pointer Dereference
The product dereferences a pointer that contains a location for memory that was previously valid, but is no longer valid.
https://git.kernel.org/stable/c/7bff2c8fe5c35ae58bf73104f53db3676e6e5d94
https://git.kernel.org/stable/c/aff0f28f5be803de2452ce702631c021fcd9ce8a
https://git.kernel.org/stable/c/38bdbc897c0d83a3e2b925a51b69420f1feba29a
https://git.kernel.org/stable/c/0069813e6ca9309eca78022bcb3aeb1e9ef90a12
https://git.kernel.org/stable/c/1e1f0f89ee4692a64be3f3707ff8ac1ae57b03e7
https://git.kernel.org/stable/c/7c66b368c6ff453f99cb39d84af93e908e51eef2
https://git.kernel.org/stable/c/085e31a811ef234ef8c3e219c4636dfebfe7e10f
https://git.kernel.org/stable/c/f996edd7615e686ada141b7f3395025729ff8ccb
https://bugzilla.redhat.com/show_bug.cgi?id=2492363
https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-53006.json
https://access.redhat.com/security/cve/CVE-2026-53006