EUVD-2026-32482

In the Linux kernel, the following vulnerability has been resolved: net: ipv6: fix NOREF dst use in seg6 and rpl lwtunnels seg6inputcore and rplinput call ip6routeinput which sets a NOREF dst on the skb, then pass it to dstcachesetip6 invoking dsthold unconditionally. On PREEMPTRT, ksoftirqd is...

CVE-2026-46099

The CVE-2026-46099 entry describes a use-after-free race in Linux kernel IPv6 handling for seg6 and rpl lightweight tunnels. A NOREF destination cached during ip6_route_input() can be freed by a concurrent FIB lookup on a shared nexthop under PREEMPT_RT, leading to a WARN or potential instability...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from issues with seg6 and rpl lwtunnels when handling NOREF dst; these vulnerabilities allow concurren...

seg6: separate dst_cache for input and output paths in seg6 lwtunnel

...

EUVD-2026-25561

In the Linux kernel, the following vulnerability has been resolved: seg6: separate dstcache for input and output paths in seg6 lwtunnel The seg6 lwtunnel uses a single dstcache per encap route, shared between seg6inputcore and seg6outputcore. These two paths can perform the post-encap SID lookup ...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of dstcache in the seg6 lwtunnel mechanism. This cache shares input and output paths,...

ROS-20260407-73-0040

A vulnerability in the net/ipv6/seg6hmac.c component of the Linux operating system kernel is associated with information leakage based on timing discrepancies. Exploitation of the vulnerability allows an attacker to cause a denial of service...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990401)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990401 advisory. In the Linux kernel, the following vulnerability has been resolved: seg6: fix the iif in the IPv6 socket control block When an IPv4 packet is received, the...

bpf: Remove tst_run from lwt_seg6local_prog_ops.

...

seg6: Fix validation of nexthop addresses

...

UBUNTU-CVE-2025-21768

In the Linux kernel, the following vulnerability has been resolved: net: ipv6: fix dst ref loops in rpl, seg6 and ioam6 lwtunnels Some lwtunnels have a dst cache for post-transformation dst. If the packet destination did not change we may end up recording a reference to the lwtunnel in its own...

DEBIAN-CVE-2024-40957

In the Linux kernel, the following vulnerability has been resolved: seg6: fix parameter passing when calling NFHOOK in End.DX4 and End.DX6 behaviors inputactionenddx4 and inputactionenddx6 are called NFHOOK for PREROUTING hook, in PREROUTING hook, we should passing a valid indev, and a NULL outde...

UBUNTU-CVE-2021-47515

In the Linux kernel, the following vulnerability has been resolved: seg6: fix the iif in the IPv6 socket control block When an IPv4 packet is received, the iprcvcore... sets the receiving interface index into the IPv4 socket control block v5.16-rc4, net/ipv4/ipinput.c line 510: IPCBskb-iif =...

SUSE CVE-2023-2860

An out-of-bounds read vulnerability was found in the SR-IPv6 implementation in the Linux kernel. The flaw exists within the processing of seg6 attributes. The issue results from the improper validation of user-supplied data, which can result in a read past the end of an allocated buffer. This fla...