Zero Day MonitorZDM

← Back to list

—

CVE-2026-23442PATCHED

linux · linux kernel

ipv6: add NULL checks for idev in SRv6 paths

Description

A vulnerability was found in Linux Kernel up to 6.19.9/7.0-rc4. It has been declared as critical. This impacts the function __in6_dev_get of the component ipv6. Executing a manipulation can lead to null pointer dereference. The attack needs to be done within the local network.

Affected Products

Vendor	Product	Versions
linux	linux kernel	1ababeba4a21f3dba3da3523c670b207fb2feb62, 1ababeba4a21f3dba3da3523c670b207fb2feb62, 4.10, 6.19.9, 7.0-rc4

References

Related News (3 articles)

Tier A

Microsoft MSRC1d ago

CVE-2026-23442 ipv6: add NULL checks for idev in SRv6 paths

→ No new info (linked only)

Tier C

VulDB2d ago

CVE-2026-23442 | Linux Kernel up to 6.19.9/7.0-rc4 ipv6 __in6_dev_get null pointer dereference

→ No new info (linked only)

Tier C

Linux Kernel CVEs2d ago

CVE-2026-23442: ipv6: add NULL checks for idev in SRv6 paths

→ No new info (linked only)

CISA KEV❌ No

Actively exploited❌ No

Patch available

a25853c9feea7bbf31d157ff6e004d2d3b4f7f1306413793526251870e20402c39930804f14d59c006.19.107.0-rc5

PublishedApr 3, 2026

Last enriched2d agov2

Trending Score40

Source articles3

Independent3

Info Completeness7/14

Missing: cvss, epss, cwe, kev, exploit, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

CRITICALCVE-2026-23444EXP

wifi: mac80211: always free skb on ieee80211_tx_prepare_skb() failure

NONECVE-2026-31410EXP

ksmbd: use volume UUID in FS_OBJECT_ID_INFORMATION

NONECVE-2026-23472EXP

serial: core: fix infinite loop in handle_tx() for PORT_UNKNOWN

CRITICALCVE-2026-23473

io_uring/poll: fix multishot recv missing EOF on wakeup race

CRITICALCVE-2026-23443EXP

ACPI: processor: Fix previous acpi_processor_errata_piix4() fix

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Vulnerability Timeline

CVE Published

Apr 3, 2026

Discovered by ZDM

Apr 3, 2026

Patch Available

Apr 3, 2026

Updated: description, severity, affectedVersions

Apr 3, 2026

Version History

v2

Last enriched 2d ago

v2Tier C2d ago

Updated severity to CRITICAL, added affected versions 6.19.9 and 7.0-rc4, and corrected exploit availability status.

descriptionseverityaffectedVersions

via VulDB

v12d ago

Initial creation