CVE-2026-43101

HIGH

ipv6: ioam: fix potential NULL dereferences in __ioam6_fill_trace_data()

Title source: cna

Description

In the Linux kernel, the following vulnerability has been resolved: ipv6: ioam: fix potential NULL dereferences in __ioam6_fill_trace_data() We need to check __in6_dev_get() for possible NULL value, as suggested by Yiming Qian. Also add skb_dst_dev_rcu() instead of skb_dst_dev(), and two missing READ_ONCE(). Note that @dev can't be NULL.

References (3)

Core 3

Core References

https://git.kernel.org/stable/c/4198aab6f000b4febb18ea820fea20634dd789c7

https://git.kernel.org/stable/c/3719c234fa94c37c955b1ecd3742ef280ec135e6

https://git.kernel.org/stable/c/4e65a8b8daa18d63255ec58964dd192c7fdd9f8b

Scores

CVSS v3 7.5

EPSS 0.0006

EPSS Percentile 18.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-476

Status published

Products (10)

Linux/Linux < 5.15

Linux/Linux 5.15

Linux/Linux 6.18.24 - 6.18.*

Linux/Linux 6.19.14 - 6.19.*

Linux/Linux 7.0

Linux/Linux 9ee11f0fff205b4b3df9750bff5e94f97c71b6a0 - 3719c234fa94c37c955b1ecd3742ef280ec135e6

Linux/Linux 9ee11f0fff205b4b3df9750bff5e94f97c71b6a0 - 4198aab6f000b4febb18ea820fea20634dd789c7

Linux/Linux 9ee11f0fff205b4b3df9750bff5e94f97c71b6a0 - 4e65a8b8daa18d63255ec58964dd192c7fdd9f8b

linux/linux_kernel 7.0 rc1 (7 CPE variants)

linux/linux_kernel 5.15 - 6.18.24

Published May 06, 2026

Tracked Since May 06, 2026