CVE-2026-46037
Published: May 27, 2026
Modified: Jun 1, 2026
CVSS v3.1
8.2
Description
In the Linux kernel, the following vulnerability has been resolved: ipv4: icmp: validate reply type before using icmp_pointers Extended echo replies use ICMP_EXT_ECHOREPLY as the outbound reply type. That value is outside the range covered by icmp_pointers[], which only describes the traditional ICMP types up to NR_ICMP_TYPES. Avoid consulting icmp_pointers[] for reply types outside that range, and use array_index_nospec() for the remaining in-range lookup. Normal ICMP replies keep their existing behavior unchanged.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected d329ea5bd8845f0b196bf41b18b6173340d6e0e4 - < b3a88fc5ae024d43c5ecf653f3bbe837e4a6dc99affected d329ea5bd8845f0b196bf41b18b6173340d6e0e4 - < 93df2af4f491de33827550b9d420f01808c0706baffected d329ea5bd8845f0b196bf41b18b6173340d6e0e4 - < 92e7c209036dcc0e8ffdf806fdfd3645b263bea5affected d329ea5bd8845f0b196bf41b18b6173340d6e0e4 - < bc64a66e0b9ad937d3d49934242ee62b01ba9a94affected d329ea5bd8845f0b196bf41b18b6173340d6e0e4 - < c2178ff1c70ebfc2ab9651b230c58a34683db759+2 more versions |
Linux | Linux | affected 5.13unaffected 0 - < 5.13unaffected 5.15.209 - <= 5.15.*unaffected 6.1.175 - <= 6.1.*unaffected 6.6.140 - <= 6.6.*+4 more versions |
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now