CVE-2026-53006

critical

Description

In the Linux kernel, the following vulnerability has been resolved:

ipv6: fix possible UAF in icmpv6_rcv()

Caching saddr and daddr before pskb_pull() is problematic since skb->head can change.

Remove these temporary variables:

- We only access &ipv6_hdr(skb)->saddr and &ipv6_hdr(skb)->daddr when net_dbg_ratelimited() is called in the slow path.
- Avoid potential future misuse after pskb_pull() call.
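The stale-pointer pattern the description refers to, as an added userspace illustration (not kernel code and not taken from the fix commits). `struct buf`, `buf_may_pull()` and `buf_hdr()` are hypothetical stand-ins for `sk_buff`, `pskb_pull()` and `ipv6_hdr()`; the cached address is kept as an integer and never dereferenced.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for sk_buff: 'head' owns the directly addressable
 * bytes ('linear' of them); the rest of the packet sits in a "fragment". */
struct buf {
    unsigned char *head;       size_t linear;
    const unsigned char *frag; size_t frag_len;
};

/* Stand-in for pskb_pull(): if fewer than 'need' bytes are linear, copy
 * everything into a new head and free the old one. Returns 1 on success. */
static int buf_may_pull(struct buf *b, size_t need)
{
    if (need <= b->linear) return 1;                 /* fast path: head unchanged */
    if (need > b->linear + b->frag_len) return 0;    /* packet too short */
    unsigned char *nh = malloc(b->linear + b->frag_len);
    if (!nh) return 0;
    memcpy(nh, b->head, b->linear);
    memcpy(nh + b->linear, b->frag, b->frag_len);
    free(b->head);             /* pointers derived from the old head now dangle */
    b->head = nh;
    b->linear += b->frag_len;
    b->frag_len = 0;
    return 1;
}

/* Accessor in the style of ipv6_hdr(): always derived from the current head. */
static const unsigned char *buf_hdr(const struct buf *b) { return b->head; }

/* Returns 1 when an address cached before the pull no longer matches where
 * the header lives afterwards, 0 when it still matches, -1 on setup failure. */
static int cached_addr_goes_stale(size_t need)
{
    static const unsigned char frag[8] = { 0 };      /* constructed payload */
    struct buf b = { malloc(4), 4, frag, sizeof frag };
    if (!b.head) return -1;
    memset(b.head, 0xAB, 4);                         /* constructed header bytes */
    uintptr_t cached = (uintptr_t)buf_hdr(&b);       /* the risky caching pattern */
    int ok = buf_may_pull(&b, need);
    int stale = ok && cached != (uintptr_t)buf_hdr(&b);
    free(b.head);
    return stale;
}

int main(void)
{
    printf("realloc: stale=%d, fast path: stale=%d\n",
           cached_addr_goes_stale(8), cached_addr_goes_stale(4));
    return 0;
}
```

Re-deriving the header through the accessor at the point of use, as the description says the fix does for the slow-path debug message, removes the window in which a cached address can outlive the buffer it pointed into.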

References

https://git.kernel.org/stable/c/f996edd7615e686ada141b7f3395025729ff8ccb

https://git.kernel.org/stable/c/aff0f28f5be803de2452ce702631c021fcd9ce8a

https://git.kernel.org/stable/c/7c66b368c6ff453f99cb39d84af93e908e51eef2

https://git.kernel.org/stable/c/7bff2c8fe5c35ae58bf73104f53db3676e6e5d94

https://git.kernel.org/stable/c/38bdbc897c0d83a3e2b925a51b69420f1feba29a

https://git.kernel.org/stable/c/1e1f0f89ee4692a64be3f3707ff8ac1ae57b03e7

https://git.kernel.org/stable/c/085e31a811ef234ef8c3e219c4636dfebfe7e10f

https://git.kernel.org/stable/c/0069813e6ca9309eca78022bcb3aeb1e9ef90a12

Details

Source: Mitre, NVD

Published: 2026-06-24

Updated: 2026-06-24

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.00184