Linux Kernel Vulnerability Affecting ICMP Protocol Handling
CVE-2026-23398

Currently unrated

Key Information:

Vendor

Linux

Status
Vendor
CVE Published:
26 March 2026

Badges

๐Ÿ‘พ Exploit Exists๐ŸŸก Public PoC

What is CVE-2026-23398?

A vulnerability in the Linux kernel's ICMP protocol handling could lead to a kernel panic upon receiving specific ICMP Fragmentation Needed errors. The issue arises from the unconditional dereference of an unregistered protocol's handler, which may result in a NULL pointer dereference. This occurs particularly when the ip_no_pmtu_disc setting is configured with hardened PMTU mode. Proper checks must be implemented to ensure that the protocol has registered handlers before accessing related functions to prevent potential system crashes.

Affected Version(s)

Linux 8ed1dc44d3e9e8387a104b1ae8f92e9a3fbf1b1e < 1f9f2c6d4b2a613b7756fc5679c5116ba2ca0161

Linux 8ed1dc44d3e9e8387a104b1ae8f92e9a3fbf1b1e

Linux 8ed1dc44d3e9e8387a104b1ae8f92e9a3fbf1b1e < 9647e99d2a617c355d2b378be0ff6d0e848fd579

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

References

Timeline

  • ๐ŸŸก

    Public PoC available

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

.