Stack Overflow Vulnerability in Zephyr's Network Stack due to ICMP Ping
CVE-2026-1681
6.1 MEDIUM
What is CVE-2026-1681?
The vulnerability arises when an ICMP ping is issued via the net ping shell command directed at a device's own IPv4 address. This results in the network stack recursively re-entering the input path on the same system work-queue stack. As the destination is identified as a local address, both the echo request and the resulting echo reply are processed inline before the ongoing frame is completed. This recursive processing leads to an excessive accumulation of nested input-path frames that ultimately surpass the limits of the work-queue stack, triggering a stack overflow.
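The re-entry pattern described above, reduced to a toy model in C. This is an added example, not Zephyr's code or its fix: every name (`input_path`, `send_pkt`, `ping_self`), the queue and the address are assumptions made for illustration. It counts how deeply the input path nests when a locally addressed packet is delivered inline, and compares that with queued delivery, a generic way to keep each packet on a fresh call chain.

```c
#include <stdio.h>
/* Toy model, not Zephyr code; names and address are constructed. */
enum pkt_type { ECHO_REQUEST, ECHO_REPLY };
struct pkt { enum pkt_type type; unsigned dst; };
#define LOCAL_ADDR 0xC0000201u /* 192.0.2.1, documentation range */
#define QLEN 4

static int depth, max_depth; /* live and peak nesting of input_path() */
static int defer_local;      /* 0: deliver inline, 1: queue for later */
static struct pkt queue[QLEN];
static unsigned q_head, q_tail;
static void send_pkt(struct pkt p);

/* Input path: an echo request produces an echo reply to the same address. */
static void input_path(struct pkt p)
{
    if (++depth > max_depth)
        max_depth = depth;
    if (p.type == ECHO_REQUEST)
        send_pkt((struct pkt){ ECHO_REPLY, p.dst });
    depth--;
}

static void send_pkt(struct pkt p)
{
    if (p.dst != LOCAL_ADDR)
        return;                      /* would be handed to a driver */
    if (!defer_local)
        input_path(p);               /* re-enters input on the caller's stack */
    else if (q_tail - q_head < QLEN)
        queue[q_tail++ % QLEN] = p;  /* bounded queue; drop when full */
}

/* Ping our own address; returns the peak input-path nesting observed. */
int ping_self(int defer)
{
    defer_local = defer;
    depth = max_depth = 0;
    q_head = q_tail = 0;
    send_pkt((struct pkt){ ECHO_REQUEST, LOCAL_ADDR });
    while (q_head != q_tail)         /* drain at top level, one packet at a time */
        input_path(queue[q_head++ % QLEN]);
    return max_depth;
}

int main(void)
{
    printf("inline: %d nested, queued: %d nested\n", ping_self(0), ping_self(1));
    return 0;
}
```

In the inline case the reply is handled while the request's input-path frames are still live, so their stack usage adds up; in the queued case each packet is processed only after the previous call chain has unwound.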
Affected Version(s)
Zephyr * <= 4.3
