CVE-2026-23442

UNKNOWN 0.0

ipv6: add NULL checks for idev in SRv6 paths

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

7th

In the Linux kernel, the following vulnerability has been resolved: ipv6: add NULL checks for idev in SRv6 paths __in6_dev_get() can return NULL when the device has no IPv6 configuration (e.g. MTU < IPV6_MIN_MTU or after NETDEV_UNREGISTER). Add NULL checks for idev returned by __in6_dev_get() in both seg6_hmac_validate_skb() and ipv6_srh_rcv() to prevent potential NULL pointer dereferences.

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Apr 3, 2026
Last Updated	Apr 13, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

1ababeba4a21f3dba3da3523c670b207fb2feb62 < a25853c9feea7bbf31d157ff6e004d2d3b4f7f13 1ababeba4a21f3dba3da3523c670b207fb2feb62 < 06413793526251870e20402c39930804f14d59c0

Linux / Linux

4.10

References

NVD ↗ CVE.org ↗ EPSS Data ↗

git.kernel.org: https://git.kernel.org/stable/c/a25853c9feea7bbf31d157ff6e004d2d3b4f7f13 git.kernel.org: https://git.kernel.org/stable/c/06413793526251870e20402c39930804f14d59c0