CVE-2026-43038

In the Linux kernel, the following vulnerability has been resolved: ipv6: icmp: clear skb2-cb in ip6errgenicmpv6unreach Sashiko AI-review observed: In ip6errgenicmpv6unreach, the skb is an outer IPv4 ICMP error packet where its cb contains an IPv4 inetskbparm. When skb is cloned into skb2 and...

CVE-2026-5299

ICMPv6 PvD protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011343)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011343 advisory. In the Linux kernel, the following vulnerability has been resolved: icmp6: Fix null-ptr-deref of ip6nullentry-rt6iidev in icmp6dev. With some IPv6 Ext Hdr RPL, SRv6...

CVE-2026-33790 Junos OS: SRX Series: In a NAT64 configuration, receipt of a specific, malformed ICMPv6 packet will cause the srxpfe process to crash and restart.

An Improper Check for Unusual or Exceptional Conditions vulnerability in the flow daemon flowd of Juniper Networks Junos OS on SRX Series allows an attacker sending a specific, malformed ICMPv6 packet to cause the srxpfe process to crash and restart. Continued receipt and processing of these...

XNUTest

xnutesting Research & Education Only — Proof-of-concept...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005723)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005723 advisory. In the Linux kernel, the following vulnerability has been resolved: icmp6: Fix null-ptr-deref of ip6nullentry-rt6iidev in icmp6dev. With some IPv6 Ext Hdr RPL, SRv6...

CVE-2025-55094

In NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in nxicmpv6validateoptions when handling a packet with ICMP6 options...

CVE-2025-55094

In NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in nxicmpv6validateoptions when handling a packet with ICMP6 options...

EUVD-2025-34869

In NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in nxicmpv6validateoptions when handling a packet with ICMP6 options...

CVE-2025-55094 Potential out-of-bounds read in _nx_icmpv6_validate_options()

In NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in nxicmpv6validateoptions when handling a packet with ICMP6 options...

Linux Distros Unpatched Vulnerability : CVE-2023-53343

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - icmp6: Fix null-ptr-deref of ip6nullentry-rt6iidev in icmp6dev. With some IPv6 Ext Hdr RPL, SRv6, etc., we can send a packet that has the link-local address as...

CVE-2023-53343

In the Linux kernel, the following vulnerability has been resolved: icmp6: Fix null-ptr-deref of ip6nullentry-rt6iidev in icmp6dev. With some IPv6 Ext Hdr RPL, SRv6, etc., we can send a packet that has the link-local address as src and dst IP and will be forwarded to an external IP in the IPv6 Ex...

CVE-2023-20086

A vulnerability in ICMPv6 processing of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. This vulnerability is due to improper processing of ICMPv6 messages. A...

PT-2024-2165 · Unknown · Weston Embedded Uc-Tcp-Ip

Name of the Vulnerable Software and Affected Versions: Weston Embedded uC-TCP-IP version 3.06.01 Description: A denial of service issue exists in the ICMP and ICMPv6 parsing functionality, related to an out-of-bounds read. This can be triggered by a specially crafted network packet, allowing a...

kernel: ipv6: Fix an uninit variable access bug in __ip6_make_skb()

A flaw was identified in the Linux kernel’s IPv6 networking code in the function ip6makeskb. Under certain conditions—such as when using raw IPv6 sockets and processing ICMPv6 headers—the code may access an uninitialized variable because the expected header data is not guaranteed to reside in the...

CVE-2023-20083

A vulnerability in ICMPv6 inspection when configured with the Snort 2 detection engine for Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause the CPU of an affected device to spike to 100 percent, which could stop all traffic processing and result...

PT-2023-8662 · Cisco · Snort 2 Detection Engine +1

Name of the Vulnerable Software and Affected Versions: Cisco Firepower Threat Defense FTD Software affected versions not specified Description: The issue is related to improper error checking when parsing fields within the ICMPv6 header, which could allow an unauthenticated, remote attacker to...

SUSE CVE-2016-3947

Heap-based buffer overflow in the Icmp6::Recv function in icmp/Icmp6.cc in the pinger utility in Squid before 3.5.16 and 4.x before 4.0.8 allows remote servers to cause a denial of service performance degradation or transition failures or write sensitive information to log files via an ICMPv6...

CVE-2020-17441

An issue was discovered in picoTCP 1.7.0. The code for processing the IPv6 headers does not validate whether the IPv6 payload length field is equal to the actual size of the payload, which leads to an Out-of-Bounds read during the ICMPv6 checksum calculation, resulting in either Denial-of-Service...

tcpdump: Buffer over-read in print-icmp6.c

The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rxcachefind and rxcacheinsert...