ARP Header Manipulation Vulnerability in Linux Kernel Products
CVE-2026-53266
What is CVE-2026-53266?
A vulnerability in the Linux kernel's netfilter component allows unauthorized manipulation of ARP sender hardware addresses (SHA). The issue arises from the way the ebtables SNAT target handles Ethernet source address rewrites via skb_ensure_writable(). If the ARP SHA range is not made writable before it is operated on, malicious actors could manipulate ARP headers, potentially leading to network intrusions or address spoofing attacks. The ARP SHA range must be made writable to maintain the integrity of network communications.
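An added example, not code from the kernel or from this advisory: a simplified user-space C model of why the byte range holding the ARP SHA has to be made private before it is rewritten. The `struct pkt` type, its sharing semantics and every function name are hypothetical assumptions; only the ARP layout (8 fixed header bytes followed by the 6-byte SHA) comes from the protocol.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define ETH_ALEN    6
#define ARP_FIXED   8                       /* hrd(2) pro(2) hln(1) pln(1) op(2) */
#define ARP_SHA_END (ARP_FIXED + ETH_ALEN)  /* SHA occupies payload bytes 8..13 */

/* Hypothetical packet view: data may alias bytes that another holder also reads. */
struct pkt { uint8_t *data; size_t len; size_t private_len; int owned; };

/* Make the first n bytes private to this view; copy only if they are not already. */
static int ensure_writable(struct pkt *p, size_t n)
{
    if (n > p->len) return -1;
    if (n <= p->private_len) return 0;      /* request does not reach shared bytes */
    uint8_t *copy = malloc(p->len);
    if (!copy) return -1;
    memcpy(copy, p->data, p->len);
    p->data = copy; p->private_len = p->len; p->owned = 1;
    return 0;
}

/* Rewrite the ARP SHA after making writable_len leading bytes private. */
static int rewrite_arp_sha(struct pkt *p, const uint8_t *mac, size_t writable_len)
{
    if (p->len < ARP_SHA_END || p->data[4] != ETH_ALEN) return -1; /* hln check */
    if (ensure_writable(p, writable_len)) return -1;
    memcpy(p->data + ARP_FIXED, mac, ETH_ALEN);
    return 0;
}

/* 1 if the other holder of the bytes observes the rewrite, 0 if not, -1 on error. */
int clone_sees_rewrite(size_t writable_len)
{
    /* Constructed ARP request: Ethernet/IPv4, hln=6, pln=4, op=1, SHA 02:00:00:00:00:01 */
    uint8_t shared[28] = {0,1, 8,0, 6, 4, 0,1, 2,0,0,0,0,1};
    const uint8_t new_mac[ETH_ALEN] = {2,0,0,0,0,0x99};
    uint8_t before[ETH_ALEN];
    struct pkt view = { shared, sizeof(shared), 0, 0 };
    memcpy(before, shared + ARP_FIXED, ETH_ALEN);
    if (rewrite_arp_sha(&view, new_mac, writable_len)) return -1;
    int changed = memcmp(before, shared + ARP_FIXED, ETH_ALEN) != 0;
    if (view.owned) free(view.data);
    return changed;
}

/* A length of 0 covers no payload bytes; ARP_SHA_END covers the whole SHA range. */
int main(void) { return !(clone_sees_rewrite(0) == 1 && clone_sees_rewrite(ARP_SHA_END) == 0); }
```

In this model, a writable length that stops short of the SHA lets the rewrite land in bytes the other holder still reads, while a length of `ARP_SHA_END` forces a private copy first.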
Affected Version(s)
Linux 63137bc5882a1882c553d389fdeeeace86ee1741
Linux 63137bc5882a1882c553d389fdeeeace86ee1741 < 76280b78cc9f23bdc6438e10ad6dff148ef8375b