CVE-2026-53006

EUVD-2026-38874
In the Linux kernel, the following vulnerability has been resolved:

ipv6: fix possible UAF in icmpv6_rcv()

Caching saddr and daddr before pskb_pull() is problematic
since skb->head can change.

Remove these temporary variables:

- We only access &ipv6_hdr(skb)->saddr and &ipv6_hdr(skb)->daddr
  when net_dbg_ratelimited() is called in the slow path.

- Avoid potential future misuse after pskb_pull() call.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
UNKNOWN
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 8%
Debian logo
Debian Releases
Debian Product
Codename
linux
bookworm
vulnerable
bookworm (security)
vulnerable
bullseye
vulnerable
bullseye (security)
vulnerable
forky
7.0.12-2
fixed
sid
7.0.13-1
fixed
trixie
vulnerable
trixie (security)
6.12.94-1
fixed
Vulnerability Media Exposure
References
https://git.kernel.org/stable/c/0069813e6ca9309eca78022bcb3aeb1e9ef90a12
https://git.kernel.org/stable/c/085e31a811ef234ef8c3e219c4636dfebfe7e10f
https://git.kernel.org/stable/c/1e1f0f89ee4692a64be3f3707ff8ac1ae57b03e7
https://git.kernel.org/stable/c/38bdbc897c0d83a3e2b925a51b69420f1feba29a
https://git.kernel.org/stable/c/7bff2c8fe5c35ae58bf73104f53db3676e6e5d94
https://git.kernel.org/stable/c/7c66b368c6ff453f99cb39d84af93e908e51eef2
https://git.kernel.org/stable/c/aff0f28f5be803de2452ce702631c021fcd9ce8a
https://git.kernel.org/stable/c/f996edd7615e686ada141b7f3395025729ff8ccb