SUSE CVE-2026-43501

In the Linux kernel, the following vulnerability has been resolved: ipv6: rpl: reserve maclen headroom when recompressed SRH grows ipv6rplsrhrcv decompresses an RFC 6554 Source Routing Header, swaps the next segment into ipv6hdr-daddr, recompresses, then pulls the old header and pushes the new on...

Linux Distros Unpatched Vulnerability : CVE-2026-43501

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipv6: rpl: reserve maclen headroom when recompressed SRH grows ipv6rplsrhrcv decompresses an RFC 6554 Source Routing Header, swaps the next segment into...

CVE-2026-43501

In the Linux kernel, the following vulnerability has been resolved: ipv6: rpl: reserve maclen headroom when recompressed SRH grows ipv6rplsrhrcv decompresses an RFC 6554 Source Routing Header, swaps the next segment into ipv6hdr-daddr, recompresses, then pulls the old header and pushes the new on...

CVE-2026-43501

In the Linux kernel, the following vulnerability has been resolved: ipv6: rpl: reserve maclen headroom when recompressed SRH grows ipv6rplsrhrcv decompresses an RFC 6554 Source Routing Header, swaps the next segment into ipv6hdr-daddr, recompresses, then pulls the old header and pushes the new on...

CVE-2026-43501

CVE-2026-43501 - Linux kernel IPv6 SRH headroom bug : The issue occurs in ipv6_rpl_srh_rcv() when decompressing and recompressing RFC 6554 Source Routing Headers, where the recompressed IPv6 header can grow beyond the received header. The root cause is an unsafe headroom handling in pskb_expand_h...

CVE-2026-43501 ipv6: rpl: reserve mac_len headroom when recompressed SRH grows

In the Linux kernel, the following vulnerability has been resolved: ipv6: rpl: reserve maclen headroom when recompressed SRH grows ipv6rplsrhrcv decompresses an RFC 6554 Source Routing Header, swaps the next segment into ipv6hdr-daddr, recompresses, then pulls the old header and pushes the new on...

CVE-2026-43501

In the Linux kernel, the following vulnerability has been resolved: ipv6: rpl: reserve maclen headroom when recompressed SRH grows ipv6rplsrhrcv decompresses an RFC 6554 Source Routing Header, swaps the next segment into ipv6hdr-daddr, recompresses, then pulls the old header and pushes the new on...

EUVD-2026-31276

In the Linux kernel, the following vulnerability has been resolved: ipv6: rpl: reserve maclen headroom when recompressed SRH grows ipv6rplsrhrcv decompresses an RFC 6554 Source Routing Header, swaps the next segment into ipv6hdr-daddr, recompresses, then pulls the old header and pushes the new on...

PT-2026-42457

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ipv6 rpl srh rcv function during the decompression and recompression of RFC 6554 Source Routing Headers. When the recompressed header is larger than the received...

CVE-2023-29001

Contiki-NG is an open-source, cross-platform operating system for IoT devices. The Contiki-NG operating system processes source routing headers SRH in its two alternative RPL protocol implementations. The IPv6 implementation uses the results of this processing to determine whether an incoming...

CVE-2023-29001

CVE-2023-29001 affects Contiki-NG. The IPv6 SRH processing in Contiki-NG’s two RPL implementations can cause an uncontrolled recursion in the function tcpip_ipv6_output when a packet with a local next-hop address is received, potentially triggering a stack overflow. Exploitation requires attacker...

CVE-2023-29001 Uncontrolled recursion due to insufficient validation of the IPv6 source routing header in Contiki-NG

Contiki-NG is an open-source, cross-platform operating system for IoT devices. The Contiki-NG operating system processes source routing headers SRH in its two alternative RPL protocol implementations. The IPv6 implementation uses the results of this processing to determine whether an incoming...

CVE-2023-29001 Uncontrolled recursion due to insufficient validation of the IPv6 source routing header in Contiki-NG

Contiki-NG is an open-source, cross-platform operating system for IoT devices. The Contiki-NG operating system processes source routing headers SRH in its two alternative RPL protocol implementations. The IPv6 implementation uses the results of this processing to determine whether an incoming...

Contiki-NG out-of-bounds write vulnerability (CNVD-2021-44269)

Contiki-NG is an open source cross-platform operating system for next-generation IoT devices. An out-of-bounds write vulnerability exists in the rplextheadersrhupdate function in rpl-ext-header.c in the RPL-Classic and RPL-Lite implementations of Contiki-NG prior to version 4.6. The vulnerability...

CVE-2021-21257

Contiki-NG is an open-source, cross-platform operating system for internet of things devices. The RPL-Classic and RPL-Lite implementations in the Contiki-NG operating system versions prior to 4.6 do not validate the address pointer in the RPL source routing header This makes it possible for an...

Contiki-NG 缓冲区错误漏洞

Contiki-NG is an open source cross-platform operating system for next-generation IoT devices. An out-of-bounds write vulnerability exists in the rplextheadersrhupdate function in rpl-ext-header.c in the RPL-Classic and RPL-Lite implementations of Contiki-NG prior to version 4.6. The vulnerability...

Contiki-NG 安全漏洞

Contiki-NG is an open source cross-platform operating system for next-generation IoT devices. A buffer overflow vulnerability exists in the RPL source routing header processing in Contiki-NG versions prior to 4.5. An attacker could exploit this vulnerability to cause a denial of service...