CVE Vulnerability Details: CVE-2026-53006
Status: PUBLISHED
Assigner: Linux
Assigner Org ID: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Published At: 24 Jun, 2026 | 16:29
Updated At: 30 Jun, 2026 | 12:09
▼CVE Numbering Authority (CNA)
ipv6: fix possible UAF in icmpv6_rcv()

In the Linux kernel, the following vulnerability has been resolved:

ipv6: fix possible UAF in icmpv6_rcv()

Caching saddr and daddr before pskb_pull() is problematic since skb->head can change.

Remove these temporary variables:
- We only access &ipv6_hdr(skb)->saddr and &ipv6_hdr(skb)->daddr when net_dbg_ratelimited() is called in the slow path.
- Avoid potential future misuse after pskb_pull() call.

Affected Products
Vendor
Linux Kernel Organization, Inc (Linux)
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • net/ipv6/icmp.c
Default Status
unaffected
Versions
Affected
  • From 4b3418fba0fe819197e3359d5ddbef84ba2c59de before 7bff2c8fe5c35ae58bf73104f53db3676e6e5d94 (git)
  • From 4b3418fba0fe819197e3359d5ddbef84ba2c59de before aff0f28f5be803de2452ce702631c021fcd9ce8a (git)
  • From 4b3418fba0fe819197e3359d5ddbef84ba2c59de before 38bdbc897c0d83a3e2b925a51b69420f1feba29a (git)
  • From 4b3418fba0fe819197e3359d5ddbef84ba2c59de before 0069813e6ca9309eca78022bcb3aeb1e9ef90a12 (git)
  • From 4b3418fba0fe819197e3359d5ddbef84ba2c59de before 1e1f0f89ee4692a64be3f3707ff8ac1ae57b03e7 (git)
  • From 4b3418fba0fe819197e3359d5ddbef84ba2c59de before 7c66b368c6ff453f99cb39d84af93e908e51eef2 (git)
  • From 4b3418fba0fe819197e3359d5ddbef84ba2c59de before 085e31a811ef234ef8c3e219c4636dfebfe7e10f (git)
  • From 4b3418fba0fe819197e3359d5ddbef84ba2c59de before f996edd7615e686ada141b7f3395025729ff8ccb (git)
Vendor
Linux Kernel Organization, Inc (Linux)
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • net/ipv6/icmp.c
Default Status
affected
Versions
Affected
  • 4.4
Unaffected
  • From 0 before 4.4 (semver)
  • From 5.10.258 through 5.10.* (semver)
  • From 5.15.209 through 5.15.* (semver)
  • From 6.1.175 through 6.1.* (semver)
  • From 6.6.141 through 6.6.* (semver)
  • From 6.12.91 through 6.12.* (semver)
  • From 6.18.33 through 6.18.* (semver)
  • From 7.0.10 through 7.0.* (semver)
  • From 7.1 through * (original_commit_for_fix)
Metrics
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References
Hyperlink: https://git.kernel.org/stable/c/7bff2c8fe5c35ae58bf73104f53db3676e6e5d94
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/aff0f28f5be803de2452ce702631c021fcd9ce8a
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/38bdbc897c0d83a3e2b925a51b69420f1feba29a
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/0069813e6ca9309eca78022bcb3aeb1e9ef90a12
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/1e1f0f89ee4692a64be3f3707ff8ac1ae57b03e7
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/7c66b368c6ff453f99cb39d84af93e908e51eef2
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/085e31a811ef234ef8c3e219c4636dfebfe7e10f
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/f996edd7615e686ada141b7f3395025729ff8ccb
Resource: N/A
▼Authorized Data Publishers (ADP)
kernel: ipv6: fix possible UAF in icmpv6_rcv()

A flaw was found in the Linux kernel's IPv6 (Internet Protocol version 6) implementation. This vulnerability, a Use-After-Free (UAF) error, occurs due to incorrect caching of network packet addresses before a memory operation. An attacker could potentially exploit this flaw to cause memory corruption, which may lead to a denial of service or, in some scenarios, arbitrary code execution.

Affected Products
Vendor
Red Hat, Inc. (Red Hat)
Product
Red Hat Enterprise Linux 10
CPEs
  • cpe:/o:redhat:enterprise_linux:10
Default Status
affected
Vendor
Red Hat, Inc. (Red Hat)
Product
Red Hat Enterprise Linux 8
CPEs
  • cpe:/o:redhat:enterprise_linux:8
Default Status
affected
Vendor
Red Hat, Inc. (Red Hat)
Product
Red Hat Enterprise Linux 9
CPEs
  • cpe:/o:redhat:enterprise_linux:9
Default Status
affected
Vendor
Red Hat, Inc. (Red Hat)
Product
Red Hat Enterprise Linux 7
CPEs
  • cpe:/o:redhat:enterprise_linux:7
Default Status
unaffected
Vendor
Red Hat, Inc. (Red Hat)
Product
Red Hat Enterprise Linux 6
CPEs
  • cpe:/o:redhat:enterprise_linux:6
Default Status
unknown
Problem Types
Type: CWE
CWE ID: CWE-825
Description: Expired Pointer Dereference
Metrics
Version: 3.1
Base score: 7.0
Base severity: HIGH
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Red Hat severity rating: Important
Namespace: https://access.redhat.com/security/updates/classification/
Timeline
Event: Reported to Red Hat.
Date: 2026-06-24 00:00:00
Event: Made public.
Date: 2026-06-24 00:00:00
References
Hyperlink: https://access.redhat.com/security/cve/CVE-2026-53006
Resource: vdb-entry, x_refsource_REDHAT
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=2492363
Resource: issue-tracking, x_refsource_REDHAT
Hyperlink: https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-53006.json
Resource: x_sadp-csaf-vex