CVE-2026-46260 (GCVE-0-2026-46260)
Vulnerability from cvelistv5 – Published: 2026-06-03 15:49 – Updated: 2026-06-03 15:49
VLAI
Title
ipv6: Fix out-of-bound access in fib6_add_rt2node().
Summary
In the Linux kernel, the following vulnerability has been resolved:
ipv6: Fix out-of-bound access in fib6_add_rt2node().
syzbot reported out-of-bound read in fib6_add_rt2node(). [0]
When IPv6 route is created with RTA_NH_ID, struct fib6_info
does not have the trailing struct fib6_nh.
The cited commit started to check !iter->fib6_nh->fib_nh_gw_family
to ensure that rt6_qualify_for_ecmp() will return false for iter.
If iter->nh is not NULL, rt6_qualify_for_ecmp() returns false anyway.
Let's check iter->nh before reading iter->fib6_nh and avoid OOB read.
[0]:
BUG: KASAN: slab-out-of-bounds in fib6_add_rt2node+0x349c/0x3500 net/ipv6/ip6_fib.c:1142
Read of size 1 at addr ffff8880384ba6de by task syz.0.18/5500
CPU: 0 UID: 0 PID: 5500 Comm: syz.0.18 Not tainted syzkaller #0 PREEMPT(full)
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
Call Trace:
<TASK>
dump_stack_lvl+0xe8/0x150 lib/dump_stack.c:120
print_address_description mm/kasan/report.c:378 [inline]
print_report+0xba/0x230 mm/kasan/report.c:482
kasan_report+0x117/0x150 mm/kasan/report.c:595
fib6_add_rt2node+0x349c/0x3500 net/ipv6/ip6_fib.c:1142
fib6_add_rt2node_nh net/ipv6/ip6_fib.c:1363 [inline]
fib6_add+0x910/0x18c0 net/ipv6/ip6_fib.c:1531
__ip6_ins_rt net/ipv6/route.c:1351 [inline]
ip6_route_add+0xde/0x1b0 net/ipv6/route.c:3957
inet6_rtm_newroute+0x268/0x19e0 net/ipv6/route.c:5660
rtnetlink_rcv_msg+0x7d5/0xbe0 net/core/rtnetlink.c:6958
netlink_rcv_skb+0x232/0x4b0 net/netlink/af_netlink.c:2550
netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline]
netlink_unicast+0x80f/0x9b0 net/netlink/af_netlink.c:1344
netlink_sendmsg+0x813/0xb40 net/netlink/af_netlink.c:1894
sock_sendmsg_nosec net/socket.c:727 [inline]
__sock_sendmsg net/socket.c:742 [inline]
____sys_sendmsg+0xa68/0xad0 net/socket.c:2592
___sys_sendmsg+0x2a5/0x360 net/socket.c:2646
__sys_sendmsg net/socket.c:2678 [inline]
__do_sys_sendmsg net/socket.c:2683 [inline]
__se_sys_sendmsg net/socket.c:2681 [inline]
__x64_sys_sendmsg+0x1bd/0x2a0 net/socket.c:2681
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0xe2/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f9316b9aeb9
Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffd8809b678 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00007f9316e15fa0 RCX: 00007f9316b9aeb9
RDX: 0000000000000000 RSI: 0000200000004380 RDI: 0000000000000003
RBP: 00007f9316c08c1f R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f9316e15fac R14: 00007f9316e15fa0 R15: 00007f9316e15fa0
</TASK>
Allocated by task 5499:
kasan_save_stack mm/kasan/common.c:57 [inline]
kasan_save_track+0x3e/0x80 mm/kasan/common.c:78
poison_kmalloc_redzone mm/kasan/common.c:398 [inline]
__kasan_kmalloc+0x93/0xb0 mm/kasan/common.c:415
kasan_kmalloc include/linux/kasan.h:263 [inline]
__do_kmalloc_node mm/slub.c:5657 [inline]
__kmalloc_noprof+0x40c/0x7e0 mm/slub.c:5669
kmalloc_noprof include/linux/slab.h:961 [inline]
kzalloc_noprof include/linux/slab.h:1094 [inline]
fib6_info_alloc+0x30/0xf0 net/ipv6/ip6_fib.c:155
ip6_route_info_create+0x142/0x860 net/ipv6/route.c:3820
ip6_route_add+0x49/0x1b0 net/ipv6/route.c:3949
inet6_rtm_newroute+0x268/0x19e0 net/ipv6/route.c:5660
rtnetlink_rcv_msg+0x7d5/0xbe0 net/core/rtnetlink.c:6958
netlink_rcv_skb+0x232/0x4b0 net/netlink/af_netlink.c:2550
netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline]
netlink_unicast+0x80f/0x9b0 net/netlink/af_netlink.c:1344
netlink_sendmsg+0x813/0xb40 net/netlink/af_netlink.c:1894
sock_sendmsg_nosec net/socket.c:727 [inline]
__sock_sendmsg net/socket.c:742 [inline]
____sys_sendmsg+0xa68/0xad0 net/socket.c:2592
___sys_s
---truncated---
Severity
No CVSS data available.
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
50b7c7a255858a85c4636a1e990ca04591153dca , < bcc60ad129ae1837cf809c81bff56ec8bfdb6b11
(git)
Affected: d8143c54ceeba232dc8a13aa0afa14a44b371d93 , < bf5009a06e03ee9a51052bb59f2228a5e4e66260 (git) Affected: b8ad2d53f706aeea833d23d45c0758398fede580 , < 03b5051e02f5a3772eee57493ad697d4b505b0c2 (git) Affected: bbf4a17ad9ffc4e3d7ec13d73ecd59dea149ed25 , < 500e54615c97bc3c427e52305a6fcd38a0e008a3 (git) Affected: bbf4a17ad9ffc4e3d7ec13d73ecd59dea149ed25 , < 8244f959e2c125c849e569f5b23ed49804cce695 (git) Affected: 6.6.124 , < 6.6.128 (semver) Affected: 6.12.70 , < 6.12.75 (semver) Affected: 6.18.10 , < 6.18.14 (semver) |
|
| Linux | Linux |
Affected:
6.19
Unaffected: 0 , < 6.19 (semver) Unaffected: 6.6.128 , ≤ 6.6.* (semver) Unaffected: 6.12.75 , ≤ 6.12.* (semver) Unaffected: 6.18.14 , ≤ 6.18.* (semver) Unaffected: 6.19.4 , ≤ 6.19.* (semver) Unaffected: 7.0 , ≤ * (original_commit_for_fix) |
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/ipv6/ip6_fib.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "bcc60ad129ae1837cf809c81bff56ec8bfdb6b11",
"status": "affected",
"version": "50b7c7a255858a85c4636a1e990ca04591153dca",
"versionType": "git"
},
{
"lessThan": "bf5009a06e03ee9a51052bb59f2228a5e4e66260",
"status": "affected",
"version": "d8143c54ceeba232dc8a13aa0afa14a44b371d93",
"versionType": "git"
},
{
"lessThan": "03b5051e02f5a3772eee57493ad697d4b505b0c2",
"status": "affected",
"version": "b8ad2d53f706aeea833d23d45c0758398fede580",
"versionType": "git"
},
{
"lessThan": "500e54615c97bc3c427e52305a6fcd38a0e008a3",
"status": "affected",
"version": "bbf4a17ad9ffc4e3d7ec13d73ecd59dea149ed25",
"versionType": "git"
},
{
"lessThan": "8244f959e2c125c849e569f5b23ed49804cce695",
"status": "affected",
"version": "bbf4a17ad9ffc4e3d7ec13d73ecd59dea149ed25",
"versionType": "git"
},
{
"lessThan": "6.6.128",
"status": "affected",
"version": "6.6.124",
"versionType": "semver"
},
{
"lessThan": "6.12.75",
"status": "affected",
"version": "6.12.70",
"versionType": "semver"
},
{
"lessThan": "6.18.14",
"status": "affected",
"version": "6.18.10",
"versionType": "semver"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/ipv6/ip6_fib.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.19"
},
{
"lessThan": "6.19",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.128",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"version": "6.12.75",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.18.*",
"status": "unaffected",
"version": "6.18.14",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.19.*",
"status": "unaffected",
"version": "6.19.4",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "7.0",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.128",
"versionStartIncluding": "6.6.124",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.12.75",
"versionStartIncluding": "6.12.70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.18.14",
"versionStartIncluding": "6.18.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.19.4",
"versionStartIncluding": "6.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.0",
"versionStartIncluding": "6.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: Fix out-of-bound access in fib6_add_rt2node().\n\nsyzbot reported out-of-bound read in fib6_add_rt2node(). [0]\n\nWhen IPv6 route is created with RTA_NH_ID, struct fib6_info\ndoes not have the trailing struct fib6_nh.\n\nThe cited commit started to check !iter-\u003efib6_nh-\u003efib_nh_gw_family\nto ensure that rt6_qualify_for_ecmp() will return false for iter.\n\nIf iter-\u003enh is not NULL, rt6_qualify_for_ecmp() returns false anyway.\n\nLet\u0027s check iter-\u003enh before reading iter-\u003efib6_nh and avoid OOB read.\n\n[0]:\nBUG: KASAN: slab-out-of-bounds in fib6_add_rt2node+0x349c/0x3500 net/ipv6/ip6_fib.c:1142\nRead of size 1 at addr ffff8880384ba6de by task syz.0.18/5500\n\nCPU: 0 UID: 0 PID: 5500 Comm: syz.0.18 Not tainted syzkaller #0 PREEMPT(full)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0xe8/0x150 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0xba/0x230 mm/kasan/report.c:482\n kasan_report+0x117/0x150 mm/kasan/report.c:595\n fib6_add_rt2node+0x349c/0x3500 net/ipv6/ip6_fib.c:1142\n fib6_add_rt2node_nh net/ipv6/ip6_fib.c:1363 [inline]\n fib6_add+0x910/0x18c0 net/ipv6/ip6_fib.c:1531\n __ip6_ins_rt net/ipv6/route.c:1351 [inline]\n ip6_route_add+0xde/0x1b0 net/ipv6/route.c:3957\n inet6_rtm_newroute+0x268/0x19e0 net/ipv6/route.c:5660\n rtnetlink_rcv_msg+0x7d5/0xbe0 net/core/rtnetlink.c:6958\n netlink_rcv_skb+0x232/0x4b0 net/netlink/af_netlink.c:2550\n netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline]\n netlink_unicast+0x80f/0x9b0 net/netlink/af_netlink.c:1344\n netlink_sendmsg+0x813/0xb40 net/netlink/af_netlink.c:1894\n sock_sendmsg_nosec net/socket.c:727 [inline]\n __sock_sendmsg net/socket.c:742 [inline]\n ____sys_sendmsg+0xa68/0xad0 net/socket.c:2592\n ___sys_sendmsg+0x2a5/0x360 net/socket.c:2646\n __sys_sendmsg net/socket.c:2678 [inline]\n __do_sys_sendmsg net/socket.c:2683 [inline]\n __se_sys_sendmsg net/socket.c:2681 [inline]\n __x64_sys_sendmsg+0x1bd/0x2a0 net/socket.c:2681\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xe2/0xf80 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f9316b9aeb9\nCode: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007ffd8809b678 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 00007f9316e15fa0 RCX: 00007f9316b9aeb9\nRDX: 0000000000000000 RSI: 0000200000004380 RDI: 0000000000000003\nRBP: 00007f9316c08c1f R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 00007f9316e15fac R14: 00007f9316e15fa0 R15: 00007f9316e15fa0\n \u003c/TASK\u003e\n\nAllocated by task 5499:\n kasan_save_stack mm/kasan/common.c:57 [inline]\n kasan_save_track+0x3e/0x80 mm/kasan/common.c:78\n poison_kmalloc_redzone mm/kasan/common.c:398 [inline]\n __kasan_kmalloc+0x93/0xb0 mm/kasan/common.c:415\n kasan_kmalloc include/linux/kasan.h:263 [inline]\n __do_kmalloc_node mm/slub.c:5657 [inline]\n __kmalloc_noprof+0x40c/0x7e0 mm/slub.c:5669\n kmalloc_noprof include/linux/slab.h:961 [inline]\n kzalloc_noprof include/linux/slab.h:1094 [inline]\n fib6_info_alloc+0x30/0xf0 net/ipv6/ip6_fib.c:155\n ip6_route_info_create+0x142/0x860 net/ipv6/route.c:3820\n ip6_route_add+0x49/0x1b0 net/ipv6/route.c:3949\n inet6_rtm_newroute+0x268/0x19e0 net/ipv6/route.c:5660\n rtnetlink_rcv_msg+0x7d5/0xbe0 net/core/rtnetlink.c:6958\n netlink_rcv_skb+0x232/0x4b0 net/netlink/af_netlink.c:2550\n netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline]\n netlink_unicast+0x80f/0x9b0 net/netlink/af_netlink.c:1344\n netlink_sendmsg+0x813/0xb40 net/netlink/af_netlink.c:1894\n sock_sendmsg_nosec net/socket.c:727 [inline]\n __sock_sendmsg net/socket.c:742 [inline]\n ____sys_sendmsg+0xa68/0xad0 net/socket.c:2592\n ___sys_s\n---truncated---"
}
],
"providerMetadata": {
"dateUpdated": "2026-06-03T15:49:57.561Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/bcc60ad129ae1837cf809c81bff56ec8bfdb6b11"
},
{
"url": "https://git.kernel.org/stable/c/bf5009a06e03ee9a51052bb59f2228a5e4e66260"
},
{
"url": "https://git.kernel.org/stable/c/03b5051e02f5a3772eee57493ad697d4b505b0c2"
},
{
"url": "https://git.kernel.org/stable/c/500e54615c97bc3c427e52305a6fcd38a0e008a3"
},
{
"url": "https://git.kernel.org/stable/c/8244f959e2c125c849e569f5b23ed49804cce695"
}
],
"title": "ipv6: Fix out-of-bound access in fib6_add_rt2node().",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2026-46260",
"datePublished": "2026-06-03T15:49:57.561Z",
"dateReserved": "2026-05-13T15:03:33.108Z",
"dateUpdated": "2026-06-03T15:49:57.561Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2026-46260\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2026-06-03T18:16:27.147\",\"lastModified\":\"2026-06-03T18:16:27.147\",\"vulnStatus\":\"Received\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nipv6: Fix out-of-bound access in fib6_add_rt2node().\\n\\nsyzbot reported out-of-bound read in fib6_add_rt2node(). [0]\\n\\nWhen IPv6 route is created with RTA_NH_ID, struct fib6_info\\ndoes not have the trailing struct fib6_nh.\\n\\nThe cited commit started to check !iter-\u003efib6_nh-\u003efib_nh_gw_family\\nto ensure that rt6_qualify_for_ecmp() will return false for iter.\\n\\nIf iter-\u003enh is not NULL, rt6_qualify_for_ecmp() returns false anyway.\\n\\nLet\u0027s check iter-\u003enh before reading iter-\u003efib6_nh and avoid OOB read.\\n\\n[0]:\\nBUG: KASAN: slab-out-of-bounds in fib6_add_rt2node+0x349c/0x3500 net/ipv6/ip6_fib.c:1142\\nRead of size 1 at addr ffff8880384ba6de by task syz.0.18/5500\\n\\nCPU: 0 UID: 0 PID: 5500 Comm: syz.0.18 Not tainted syzkaller #0 PREEMPT(full)\\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\\nCall Trace:\\n \u003cTASK\u003e\\n dump_stack_lvl+0xe8/0x150 lib/dump_stack.c:120\\n print_address_description mm/kasan/report.c:378 [inline]\\n print_report+0xba/0x230 mm/kasan/report.c:482\\n kasan_report+0x117/0x150 mm/kasan/report.c:595\\n fib6_add_rt2node+0x349c/0x3500 net/ipv6/ip6_fib.c:1142\\n fib6_add_rt2node_nh net/ipv6/ip6_fib.c:1363 [inline]\\n fib6_add+0x910/0x18c0 net/ipv6/ip6_fib.c:1531\\n __ip6_ins_rt net/ipv6/route.c:1351 [inline]\\n ip6_route_add+0xde/0x1b0 net/ipv6/route.c:3957\\n inet6_rtm_newroute+0x268/0x19e0 net/ipv6/route.c:5660\\n rtnetlink_rcv_msg+0x7d5/0xbe0 net/core/rtnetlink.c:6958\\n netlink_rcv_skb+0x232/0x4b0 net/netlink/af_netlink.c:2550\\n netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline]\\n netlink_unicast+0x80f/0x9b0 net/netlink/af_netlink.c:1344\\n netlink_sendmsg+0x813/0xb40 net/netlink/af_netlink.c:1894\\n sock_sendmsg_nosec net/socket.c:727 [inline]\\n __sock_sendmsg net/socket.c:742 [inline]\\n ____sys_sendmsg+0xa68/0xad0 net/socket.c:2592\\n ___sys_sendmsg+0x2a5/0x360 net/socket.c:2646\\n __sys_sendmsg net/socket.c:2678 [inline]\\n __do_sys_sendmsg net/socket.c:2683 [inline]\\n __se_sys_sendmsg net/socket.c:2681 [inline]\\n __x64_sys_sendmsg+0x1bd/0x2a0 net/socket.c:2681\\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\\n do_syscall_64+0xe2/0xf80 arch/x86/entry/syscall_64.c:94\\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\\nRIP: 0033:0x7f9316b9aeb9\\nCode: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48\\nRSP: 002b:00007ffd8809b678 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\\nRAX: ffffffffffffffda RBX: 00007f9316e15fa0 RCX: 00007f9316b9aeb9\\nRDX: 0000000000000000 RSI: 0000200000004380 RDI: 0000000000000003\\nRBP: 00007f9316c08c1f R08: 0000000000000000 R09: 0000000000000000\\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\\nR13: 00007f9316e15fac R14: 00007f9316e15fa0 R15: 00007f9316e15fa0\\n \u003c/TASK\u003e\\n\\nAllocated by task 5499:\\n kasan_save_stack mm/kasan/common.c:57 [inline]\\n kasan_save_track+0x3e/0x80 mm/kasan/common.c:78\\n poison_kmalloc_redzone mm/kasan/common.c:398 [inline]\\n __kasan_kmalloc+0x93/0xb0 mm/kasan/common.c:415\\n kasan_kmalloc include/linux/kasan.h:263 [inline]\\n __do_kmalloc_node mm/slub.c:5657 [inline]\\n __kmalloc_noprof+0x40c/0x7e0 mm/slub.c:5669\\n kmalloc_noprof include/linux/slab.h:961 [inline]\\n kzalloc_noprof include/linux/slab.h:1094 [inline]\\n fib6_info_alloc+0x30/0xf0 net/ipv6/ip6_fib.c:155\\n ip6_route_info_create+0x142/0x860 net/ipv6/route.c:3820\\n ip6_route_add+0x49/0x1b0 net/ipv6/route.c:3949\\n inet6_rtm_newroute+0x268/0x19e0 net/ipv6/route.c:5660\\n rtnetlink_rcv_msg+0x7d5/0xbe0 net/core/rtnetlink.c:6958\\n netlink_rcv_skb+0x232/0x4b0 net/netlink/af_netlink.c:2550\\n netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline]\\n netlink_unicast+0x80f/0x9b0 net/netlink/af_netlink.c:1344\\n netlink_sendmsg+0x813/0xb40 net/netlink/af_netlink.c:1894\\n sock_sendmsg_nosec net/socket.c:727 [inline]\\n __sock_sendmsg net/socket.c:742 [inline]\\n ____sys_sendmsg+0xa68/0xad0 net/socket.c:2592\\n ___sys_s\\n---truncated---\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/03b5051e02f5a3772eee57493ad697d4b505b0c2\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/500e54615c97bc3c427e52305a6fcd38a0e008a3\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/8244f959e2c125c849e569f5b23ed49804cce695\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/bcc60ad129ae1837cf809c81bff56ec8bfdb6b11\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/bf5009a06e03ee9a51052bb59f2228a5e4e66260\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
}
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…