๐Ÿ” CVE Alert

CVE-2026-22988

HIGH 7.8

arp: do not assume dev_hard_header() does not change skb->head

CVSS Score
7.8
EPSS Score
0.0%
EPSS Percentile
0th

In the Linux kernel, the following vulnerability has been resolved: arp: do not assume dev_hard_header() does not change skb->head arp_create() is the only dev_hard_header() caller making assumption about skb->head being unchanged. A recent commit broke this assumption. Initialize @arp pointer after dev_hard_header() call.

Vendor linux
Product linux
Ecosystems
Industries
Technology
Published Jan 23, 2026
Last Updated Apr 27, 2026
Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new high vulnerabilities affecting linux linux are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability

Affected Versions

Linux / Linux
17e7386234f740f3e7d5e58a47b5847ea34c3bc2 < e432dbff342b95fe44645f9a90fcf333c80f4b5e 41a1a3140aff295dee8063906f70a514548105e8 < 393525dee5c39acff8d6705275d7fcaabcfb7f0a adee129db814474f2f81207bd182bf343832a52e < 70bddc16491ef4681f3569b3a2c80309a3edcdd1 1717357007db150c2d703f13f5695460e960f26c < 029935507d0af6553c45380fbf6feecf756fd226 5fe210533e3459197eabfdbf97327dacbdc04d60 < dd6ccec088adff4bdf33e2b2dd102df20a7128fa 91a2b25be07ce1a7549ceebbe82017551d2eec92 < 949647e7771a4a01963fe953a96d81fba7acecf3 db5b4e39c4e63700c68a7e65fc4e1f1375273476 < c92510f5e3f82ba11c95991824a41e59a9c5ed81
Linux / Linux
6.1.160 < 6.1.161 6.6.120 < 6.6.121 6.12.64 < 6.12.66 6.18.4 < 6.18.6

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
git.kernel.org: https://git.kernel.org/stable/c/e432dbff342b95fe44645f9a90fcf333c80f4b5e git.kernel.org: https://git.kernel.org/stable/c/393525dee5c39acff8d6705275d7fcaabcfb7f0a git.kernel.org: https://git.kernel.org/stable/c/70bddc16491ef4681f3569b3a2c80309a3edcdd1 git.kernel.org: https://git.kernel.org/stable/c/029935507d0af6553c45380fbf6feecf756fd226 git.kernel.org: https://git.kernel.org/stable/c/dd6ccec088adff4bdf33e2b2dd102df20a7128fa git.kernel.org: https://git.kernel.org/stable/c/949647e7771a4a01963fe953a96d81fba7acecf3 git.kernel.org: https://git.kernel.org/stable/c/c92510f5e3f82ba11c95991824a41e59a9c5ed81