ARP Payload Parsing Issue in Linux Kernel Affecting IEEE1394 Devices
CVE-2026-45844

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 27 May 2026

What is CVE-2026-45844?

A vulnerability has been identified in the Linux kernel related to ARP payload parsing for IEEE1394 devices. The function arp_packet_match() incorrectly assumes that both source and target hardware addresses are present, leading to potential misinterpretations of ARP packets. This issue may result in incorrect packet filtering decisions—legitimate packets could be denied or undesired packets could be inadvertently accepted. To address this, patches have been applied to ensure that any attempt to match on the non-existent target hardware address in IEEE1394 results in a definitive no match (0), effectively improving the integrity of packet mangling and filtering processes in network operations.

Affected Version(s)

Linux 6752c8db8e0cfedb44ba62806dd15b383ed64000

Linux 6752c8db8e0cfedb44ba62806dd15b383ed64000 < 03ea11dbefaa55c502735ee551c89ef773fe753b

Linux 6752c8db8e0cfedb44ba62806dd15b383ed64000 < 1c55053f8ffdc060006df898fd3664e3d1bfac7b

References

https://git.kernel.org/stable/c/ad9973df8e0eeb123d9ec4d18...

https://git.kernel.org/stable/c/03ea11dbefaa55c502735ee55...

https://git.kernel.org/stable/c/1c55053f8ffdc060006df898f...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 27, 2026
Vulnerability Reserved
May 13, 2026

CVE-2026-45844 Data

JSON