2 matches found
ipv6: rpl: reserve mac_len headroom when recompressed SRH grows
...
CVE-2026-43501 ipv6: rpl: reserve mac_len headroom when recompressed SRH grows
In the Linux kernel, the following vulnerability has been resolved: ipv6: rpl: reserve maclen headroom when recompressed SRH grows ipv6rplsrhrcv decompresses an RFC 6554 Source Routing Header, swaps the next segment into ipv6hdr-daddr, recompresses, then pulls the old header and pushes the new on...