IPv6 ICMP Error Processing Flaw in Linux Kernel by Linux Foundation
CVE-2026-43038
What is CVE-2026-43038?
A vulnerability exists in the Linux kernel's handling of IPv6 ICMP error packets, specifically in the function ip6_err_gen_icmpv6_unreach(). This flaw arises when an IPv4 ICMP error packet is processed, and it can lead to incorrect interpretation of parameters when cloning packets. If a malicious actor sends a crafted ICMPv4 error containing a CIPSO IP option, it could lead to unexpected behavior in the processing of IPv6 packets due to overlapping data structures. This poses a significant risk as it may allow the attacker to manipulate packet processing and potentially compromise security. A patch has been implemented to clear the skb2->cb array in the relevant function to mitigate this issue.
Affected Version(s)
Linux ca15a078bd907df5fc1c009477869c5cbde3b753
Linux ca15a078bd907df5fc1c009477869c5cbde3b753 < 0452b6526b2f54b2413b9cb4ff1ea2ac542c99c7
Linux ca15a078bd907df5fc1c009477869c5cbde3b753