TNCVE-2026-23442 — Vulnetix

TNCVE-2026-23442 PUBLISHED

In the Linux kernel, the following vulnerability has been resolved: ipv6: add NULL checks for idev in SRv6 paths __in6_dev_get() can return NULL when the device has no IPv6 configuration (e.g. MTU < IPV6_MIN_MTU or after NETDEV_UNREGISTER). Add NULL checks for idev returned by __in6_dev_get() in both seg6_hmac_validate_skb() and ipv6_srh_rcv() to prevent potential NULL pointer dereferences.

Timeline

Apr 3, 2026 CVE Published

References

Tenable: CVE-2026-23442 advisory

Open in Interactive Console →