Security Advisory

CVE-2026-23442

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-04-03 15:15:26

Last updated 2026-05-11 22:06:59

Assigner Linux

State PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: ipv6: add NULL checks for idev in SRv6 paths __in6_dev_get() can return NULL when the device has no IPv6 configuration (e.g. MTU < IPV6_MIN_MTU or after NETDEV_UNREGISTER). Add NULL checks for idev returned by __in6_dev_get() in both seg6_hmac_validate_skb() and ipv6_srh_rcv() to prevent potential NULL pointer dereferences.

← Browse all CVEs View on cve.org ↗