Linux Kernel: Netlabel Address Attribute Vulnerability
CVE-2026-53238

Currently unrated

Key Information:

Vendor: Linux

Status
Vendor
CVE Published: 25 June 2026

What is CVE-2026-53238?

A vulnerability exists in the Linux kernel's netlabel functionality due to inadequate validation of address and mask attribute lengths. The function netlbl_unlabel_addrinfo_get() uses the length of the address attribute when processing IP addresses but does not independently verify the length of the corresponding mask attribute. An attacker could therefore send a malicious Generic Netlink request that carries a valid IP address attribute together with a shorter mask attribute. The system may then misinterpret the shortened mask attribute, leading to potential security risks.
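The length check described above, as an added example: a simplified userspace model, not the kernel's source or its patch. The names struct attr, get_unchecked, get_checked and try_request are hypothetical, and the request bytes are constructed.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-in for a netlink attribute: payload pointer and length. */
struct attr { const uint8_t *data; size_t len; };

/* Address must be present and exactly IPv4 (4) or IPv6 (16) bytes long. */
static int addr_ok(const struct attr *a)
{
    return a && a->data && (a->len == 4 || a->len == 16);
}

/* Flawed pattern: only the address length is validated, then reported as
 * the length of both buffers, so a caller would over-read a short mask. */
int get_unchecked(const struct attr *addr, const struct attr *mask, size_t *len)
{
    if (!addr_ok(addr) || !mask || !mask->data)
        return -EINVAL;
    *len = addr->len;
    return 0;
}

/* Hardened pattern: the mask length is verified on its own before use. */
int get_checked(const struct attr *addr, const struct attr *mask, size_t *len)
{
    if (!addr_ok(addr) || !mask || !mask->data || mask->len != addr->len)
        return -EINVAL;
    *len = addr->len;
    return 0;
}

/* Constructed request: 4-byte address with a mask of mask_len (<= 4) bytes. */
int try_request(size_t mask_len, int hardened)
{
    static const uint8_t ip[4] = {192, 0, 2, 1}, mk[4] = {255, 255, 255, 0};
    struct attr addr = {ip, sizeof(ip)}, mask = {mk, mask_len};
    size_t len = 0;
    return hardened ? get_checked(&addr, &mask, &len)
                    : get_unchecked(&addr, &mask, &len);
}

int main(void)
{
    printf("short mask: unchecked=%d checked=%d\n", try_request(2, 0), try_request(2, 1));
    return 0;
}
```

The unchecked variant accepts the 2-byte mask and reports a length of 4, while the checked variant rejects the request with -EINVAL.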

Affected Version(s)

Linux 8cc44579d1bd77ba3a32f2cb76fd9669c229c5fd < 975a84fd741440853380d37465b6e226cf47254c

Linux 8cc44579d1bd77ba3a32f2cb76fd9669c229c5fd < 672f0f3b8f875ffe6525a37847eafa7648c4c0c6

Linux 8cc44579d1bd77ba3a32f2cb76fd9669c229c5fd < 95bda3eac0b1454c2cee98d58d9ba6dd8391e843

Timeline

  • Vulnerability published

  • Vulnerability Reserved
