Zero Day MonitorZDM

← Back to list

—

CVE-2026-53263EXPLOITEDPATCHED

linux · linux kernel

6lowpan: fix off-by-one in multicast context address compression

Description

In the Linux kernel, the following vulnerability has been resolved: 6lowpan: fix off-by-one in multicast context address compression The second memcpy in lowpan_iphc_mcast_ctx_addr_compress() uses &data[1] as destination and &ipaddr->s6_addr[11] as source, but both should be offset by one: &data[2] and &ipaddr->s6_addr[12] respectively. This off-by-one has two consequences: 1. data[1] is overwritten with s6_addr[11], corrupting the RIID field in the compressed multicast address 2. data[5] is never written, so uninitialized kernel stack memory is transmitted over the network via lowpan_push_hc_data(), leaking kernel stack contents The correct inline data layout must match what the decompression function lowpan_uncompress_multicast_ctx_daddr() expects: data[0..1] = s6_addr[1..2] (flags/scope + RIID) data[2..5] = s6_addr[12..15] (group ID) Also zero-initialize the data array as a defensive measure against similar bugs in the future.

Affected Products

Vendor	Product	Versions
linux	linux kernel	5609c185f24dffca5f6a9c127106869da150be03, 5609c185f24dffca5f6a9c127106869da150be03, 5609c185f24dffca5f6a9c127106869da150be03, 5609c185f24dffca5f6a9c127106869da150be03, 5609c185f24dffca5f6a9c127106869da150be03, 5609c185f24dffca5f6a9c127106869da150be03, 5609c185f24dffca5f6a9c127106869da150be03, 5609c185f24dffca5f6a9c127106869da150be03, 4.6, 7.0.12, 5.10.259, 5.15.210, 6.1.176, 6.6.143, 6.12.94, 6.18.36, 7.0.13, 7.1

References

Related News (3 articles)

Tier A

Microsoft MSRC2h ago

CVE-2026-53263 6lowpan: fix off-by-one in multicast context address compression

→ No new info (linked only)

Tier C

VulDB3d ago

CVE-2026-53263 | Linux Kernel up to 7.0.12 6lowpan lowpan_iphc_mcast_ctx_addr_compress s6_addr off-by-one

→ No new info (linked only)

Tier C

Linux Kernel CVEs3d ago

CVE-2026-53263: 6lowpan: fix off-by-one in multicast context address compression

→ No new info (linked only)

CISA KEV❌ No

Actively exploited✅ Yes

Patch available

f24a58c72a45f4c109f3557a760cc4b60b7a6037

CWECWE-119

PublishedJun 25, 2026

Last enriched2d agov3

Trending Score65

Source articles3

Independent3

Info Completeness9/14

Missing: cvss, epss, kev, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

HIGHCVE-2026-31431EXPKEV

crypto: algif_aead - Revert to operating out-of-place

HIGHCVE-2026-43284EXPKEV

xfrm: esp: avoid in-place decrypt on shared skb frags

HIGHCVE-2026-43500EXPKEV

rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present

HIGHCVE-2026-46243EXP

smb: client: reject userspace cifs.spnego descriptions

HIGHCVE-2026-46333EXP

ptrace: slightly saner 'get_dumpable()' logic

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Vulnerability Timeline

CVE Published

Jun 25, 2026

Actively Exploited

Jun 25, 2026

Exploit Available

Jun 25, 2026

Patch Available

Jun 25, 2026

Discovered by ZDM

Jun 25, 2026

Updated: description, affectedVersions, severity, cweIds

Jun 25, 2026

Updated: description, affectedVersions, exploitAvailable, activelyExploited, patchAvailable

Jun 25, 2026

Version History

v3

Last enriched 2d ago

v3Tier C2d ago

Updated description with technical details, marked exploit as available, and listed affected versions including new fixes.

descriptionaffectedVersionsexploitAvailableactivelyExploitedpatchAvailable

via Linux Kernel CVEs

v2Tier C3d ago

Updated description with critical severity, added affected version 7.0.12, and noted no exploit exists.

descriptionaffectedVersionsseveritycweIds

via VulDB

v13d ago

Initial creation