CVE-2026-46266

EUVD-2026-34128
In the Linux kernel, the following vulnerability has been resolved:

inet: RAW sockets using IPPROTO_RAW MUST drop incoming ICMP

Yizhou Zhao reported that simply having one RAW socket on protocol
IPPROTO_RAW (255) was dangerous.

  socket(AF_INET, SOCK_RAW, 255);

A malicious incoming ICMP packet can set the protocol field to 255
and match this socket, leading to FNHE cache changes.

inner = IP(src="192.168.2.1", dst="8.8.8.8", proto=255)/Raw("TEST")
pkt = IP(src="192.168.1.1", dst="192.168.2.1")/ICMP(type=3, code=4, nexthopmtu=576)/inner

"man 7 raw" states:

  A protocol of IPPROTO_RAW implies enabled IP_HDRINCL and is able
  to send any IP protocol that is specified in the passed header.
  Receiving of all IP protocols via IPPROTO_RAW is not possible
  using raw sockets.

Make sure we drop these malicious packets.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.1 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 26%
Affected Products (NVD)
VendorProductVersion
linuxlinux_kernel
2.6.12.1 ≤
𝑥
< 6.6.128
linuxlinux_kernel
6.7 ≤
𝑥
< 6.12.75
linuxlinux_kernel
6.13 ≤
𝑥
< 6.18.14
linuxlinux_kernel
6.19 ≤
𝑥
< 6.19.4
linuxlinux_kernel
2.6.12
linuxlinux_kernel
2.6.12:rc2
linuxlinux_kernel
2.6.12:rc3
linuxlinux_kernel
2.6.12:rc4
linuxlinux_kernel
2.6.12:rc5
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
linux
bookworm
vulnerable
bookworm (security)
vulnerable
bullseye
vulnerable
bullseye (security)
vulnerable
forky
7.1.3-1
fixed
sid
7.1.3-1
fixed
trixie
6.12.94-1
fixed
trixie (security)
6.12.95-1
fixed
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
cluster-md-kmp-default
suse enterprise server 12 SP5
4.12.14-122.320.1
fixed
suse enterprise server 15 SP5
5.14.21-150500.55.177.1
fixed
dlm-kmp-default
suse enterprise server 12 SP5
4.12.14-122.320.1
fixed
suse enterprise server 15 SP5
5.14.21-150500.55.177.1
fixed
gfs2-kmp-default
suse enterprise server 12 SP5
4.12.14-122.320.1
fixed
suse enterprise server 15 SP5
5.14.21-150500.55.177.1
fixed
kernel-64kb
suse enterprise desktop 15 SP7
6.4.0-150700.53.66.1
fixed
suse enterprise sap 15 SP7
6.4.0-150700.53.66.1
fixed
suse enterprise server 15 SP4
5.14.21-150400.24.228.1
fixed
suse enterprise server 15 SP5
5.14.21-150500.55.177.1
fixed
suse enterprise server 15 SP7
6.4.0-150700.53.66.1
fixed
kernel-default
suse enterprise desktop 15 SP7
6.4.0-150700.53.66.1
fixed
suse enterprise sap 15 SP7
6.4.0-150700.53.66.1
fixed
suse enterprise server 12 SP5
4.12.14-122.320.1
fixed
suse enterprise server 15 SP4
5.14.21-150400.24.228.1
fixed
suse enterprise server 15 SP5
5.14.21-150500.55.177.1
fixed
suse enterprise server 15 SP7
6.4.0-150700.53.66.1
fixed
kernel-default-base
suse enterprise desktop 15 SP7
6.4.0-150700.53.66.1.150700.17.39.1
fixed
suse enterprise sap 15 SP7
6.4.0-150700.53.66.1.150700.17.39.1
fixed
suse enterprise server 12 SP5
4.12.14-122.320.1
fixed
suse enterprise server 15 SP4
5.14.21-150400.24.228.1.150400.24.116.1
fixed
suse enterprise server 15 SP5
5.14.21-150500.55.177.1.150500.6.83.2
fixed
suse enterprise server 15 SP7
6.4.0-150700.53.66.1.150700.17.39.1
fixed
kernel-default-man
suse enterprise server 12 SP5
4.12.14-122.320.1
fixed
kernel-obs-build
suse enterprise desktop 15 SP7
6.4.0-150700.53.66.1
fixed
suse enterprise sap 15 SP7
6.4.0-150700.53.66.1
fixed
suse enterprise server 15 SP4
5.14.21-150400.24.228.1
fixed
suse enterprise server 15 SP5
5.14.21-150500.55.177.1
fixed
suse enterprise server 15 SP7
6.4.0-150700.53.66.1
fixed
kernel-source
suse enterprise desktop 15 SP7
6.4.0-150700.53.66.1
fixed
suse enterprise sap 15 SP7
6.4.0-150700.53.66.1
fixed
suse enterprise server 12 SP5
4.12.14-122.320.1
fixed
suse enterprise server 15 SP4
5.14.21-150400.24.228.1
fixed
suse enterprise server 15 SP5
5.14.21-150500.55.177.1
fixed
suse enterprise server 15 SP7
6.4.0-150700.53.66.1
fixed
kernel-zfcpdump
suse enterprise desktop 15 SP7
6.4.0-150700.53.66.1
fixed
suse enterprise sap 15 SP7
6.4.0-150700.53.66.1
fixed
suse enterprise server 15 SP4
5.14.21-150400.24.228.1
fixed
suse enterprise server 15 SP5
5.14.21-150500.55.177.1
fixed
suse enterprise server 15 SP7
6.4.0-150700.53.66.1
fixed
ocfs2-kmp-default
suse enterprise server 12 SP5
4.12.14-122.320.1
fixed
suse enterprise server 15 SP5
5.14.21-150500.55.177.1
fixed
reiserfs-kmp-default
suse enterprise server 15 SP4
5.14.21-150400.24.228.1
fixed
suse enterprise server 15 SP5
5.14.21-150500.55.177.1
fixed
Amazon Linux logo
Amazon Linux Releases
Amazon Package
Release
bpftool6.12
Amazon Linux 2023
1:6.12.77-99.140.amzn2023
fixed
bpftool6.12-debuginfo
Amazon Linux 2023
1:6.12.77-99.140.amzn2023
fixed
bpftool6.18
Amazon Linux 2023
1:6.18.15-14.217.amzn2023
fixed
bpftool6.18-debuginfo
Amazon Linux 2023
1:6.18.15-14.217.amzn2023
fixed
kernel-livepatch-6.12.77-99.140
Amazon Linux 2023
1:1.0-0.amzn2023
fixed
kernel-livepatch-6.18.15-14.217
Amazon Linux 2023
1:1.0-0.amzn2023
fixed
kernel6.12
Amazon Linux 2023
1:6.12.77-99.140.amzn2023
fixed
kernel6.12-debuginfo
Amazon Linux 2023
1:6.12.77-99.140.amzn2023
fixed
kernel6.12-debuginfo-common-aarch64
Amazon Linux 2023
1:6.12.77-99.140.amzn2023
fixed
kernel6.12-debuginfo-common-x86_64
Amazon Linux 2023
1:6.12.77-99.140.amzn2023
fixed
kernel6.12-devel
Amazon Linux 2023
1:6.12.77-99.140.amzn2023
fixed
kernel6.12-headers
Amazon Linux 2023
1:6.12.77-99.140.amzn2023
fixed
kernel6.12-libbpf
Amazon Linux 2023
1:6.12.77-99.140.amzn2023
fixed
kernel6.12-libbpf-debuginfo
Amazon Linux 2023
1:6.12.77-99.140.amzn2023
fixed
kernel6.12-libbpf-devel
Amazon Linux 2023
1:6.12.77-99.140.amzn2023
fixed
kernel6.12-libbpf-static
Amazon Linux 2023
1:6.12.77-99.140.amzn2023
fixed
kernel6.12-modules-extra
Amazon Linux 2023
1:6.12.77-99.140.amzn2023
fixed
kernel6.12-modules-extra-common
Amazon Linux 2023
1:6.12.77-99.140.amzn2023
fixed
kernel6.12-tools
Amazon Linux 2023
1:6.12.77-99.140.amzn2023
fixed
kernel6.12-tools-debuginfo
Amazon Linux 2023
1:6.12.77-99.140.amzn2023
fixed
kernel6.12-tools-devel
Amazon Linux 2023
1:6.12.77-99.140.amzn2023
fixed
kernel6.18
Amazon Linux 2023
1:6.18.15-14.217.amzn2023
fixed
kernel6.18-debuginfo
Amazon Linux 2023
1:6.18.15-14.217.amzn2023
fixed
kernel6.18-debuginfo-common-aarch64
Amazon Linux 2023
1:6.18.15-14.217.amzn2023
fixed
kernel6.18-debuginfo-common-x86_64
Amazon Linux 2023
1:6.18.15-14.217.amzn2023
fixed
kernel6.18-devel
Amazon Linux 2023
1:6.18.15-14.217.amzn2023
fixed
kernel6.18-headers
Amazon Linux 2023
1:6.18.15-14.217.amzn2023
fixed
kernel6.18-libbpf
Amazon Linux 2023
1:6.18.15-14.217.amzn2023
fixed
kernel6.18-libbpf-debuginfo
Amazon Linux 2023
1:6.18.15-14.217.amzn2023
fixed
kernel6.18-libbpf-devel
Amazon Linux 2023
1:6.18.15-14.217.amzn2023
fixed
kernel6.18-libbpf-static
Amazon Linux 2023
1:6.18.15-14.217.amzn2023
fixed
kernel6.18-modules-extra
Amazon Linux 2023
1:6.18.15-14.217.amzn2023
fixed
kernel6.18-modules-extra-common
Amazon Linux 2023
1:6.18.15-14.217.amzn2023
fixed
kernel6.18-tools
Amazon Linux 2023
1:6.18.15-14.217.amzn2023
fixed
kernel6.18-tools-debuginfo
Amazon Linux 2023
1:6.18.15-14.217.amzn2023
fixed
kernel6.18-tools-devel
Amazon Linux 2023
1:6.18.15-14.217.amzn2023
fixed
perf6.12
Amazon Linux 2023
1:6.12.77-99.140.amzn2023
fixed
perf6.12-debuginfo
Amazon Linux 2023
1:6.12.77-99.140.amzn2023
fixed
perf6.18
Amazon Linux 2023
1:6.18.15-14.217.amzn2023
fixed
perf6.18-debuginfo
Amazon Linux 2023
1:6.18.15-14.217.amzn2023
fixed
python3-perf6.12
Amazon Linux 2023
1:6.12.77-99.140.amzn2023
fixed
python3-perf6.12-debuginfo
Amazon Linux 2023
1:6.12.77-99.140.amzn2023
fixed
python3-perf6.18
Amazon Linux 2023
1:6.18.15-14.217.amzn2023
fixed
python3-perf6.18-debuginfo
Amazon Linux 2023
1:6.18.15-14.217.amzn2023
fixed