Vulnerability in Linux Kernel Affecting IPv6 Packet Handling
CVE-2026-53362
What is CVE-2026-53362?
A vulnerability exists in the Linux kernel's handling of IPv6 packets, specifically affecting the paged allocation path in the __ip6_append_data() function. When utilizing certain flags in UDPv6 sockets, like MSG_MORE in conjunction with MSG_SPLICE_PAGES, improper calculations of allocated length and paged length can lead to memory corruption. The vulnerability arises from incorrect accounting for the fraggap value, resulting in a potential risk for unprivileged users to manipulate memory past allocated boundaries, thereby compromising system integrity. This issue highlights the importance of thorough checks during memory operations to avoid unintended access to protected areas.
Affected Version(s)
Linux 773ba4fe9104a64a54d1c00f0fb6ffb95def2b03 < 14200d435af9a9eeb444f529fc2f689a236b7962
Linux 773ba4fe9104a64a54d1c00f0fb6ffb95def2b03 < 65fb14cbebb0cd0eff903a22d33537ddc8b95769
Linux 773ba4fe9104a64a54d1c00f0fb6ffb95def2b03 < 46f201f8b4c39633a1fa3dc12459f506d470993d