CVE-2026-46266 in Linuxinformación

Resumen

por MITRE • 2026-06-03

In the Linux kernel, the following vulnerability has been resolved:

inet: RAW sockets using IPPROTO_RAW MUST drop incoming ICMP

Yizhou Zhao reported that simply having one RAW socket on protocol IPPROTO_RAW (255) was dangerous.

socket(AF_INET, SOCK_RAW, 255);

A malicious incoming ICMP packet can set the protocol field to 255 and match this socket, leading to FNHE cache changes.

inner = IP(src="192.168.2.1", dst="8.8.8.8", proto=255)/Raw("TEST") pkt = IP(src="192.168.1.1", dst="192.168.2.1")/ICMP(type=3, code=4, nexthopmtu=576)/inner

"man 7 raw" states:

A protocol of IPPROTO_RAW implies enabled IP_HDRINCL and is able to send any IP protocol that is specified in the passed header. Receiving of all IP protocols via IPPROTO_RAW is not possible using raw sockets.

Make sure we drop these malicious packets.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsable

Linux

Reservar

2026-05-13

Divulgación

2026-06-03

Moderación

aceptado

Artículo

VDB-368178

CPE

listo

CWE

CWE-371 (confirmado)

CVSS

5.5 (VulDB)

EPSS

0.00000

KEV

Actividades

bajo

Sector

Chemical, Hostingprovider, ...

Fuentes

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-46266
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-46266
CVE Details	https://www.cvedetails.com/cve/CVE-2026-46266/

◂ Anterior Visión De Conjunto Próximo ▸

Want to know what is going to be exploited?

We predict KEV entries!