Severity
5.5 MEDIUM
EPSS
0.0%
top 97.05%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published Feb 14

Description

In the Linux kernel, the following vulnerability has been resolved:

ipv6: Fix ECMP sibling count mismatch when clearing RTF_ADDRCONF

syzbot reported a kernel BUG in fib6_add_rt2node() when adding an IPv6 route. [0]

Commit f72514b3c569 ("ipv6: clear RA flags when adding a static route") introduced logic to clear RTF_ADDRCONF from existing routes when a static route with the same nexthop is added. However, this causes a problem when the existing route has a gateway. When RTF_ADDRCONF is cleare

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Exploitability: 1.8 | Impact: 3.6

Affected Packages (3 packages)

NVD | linux/linux_kernel | 6.6.120 | 6.6.124 | +4
CVEListV5 | linux/linux | cb2b0caa8ca93cbe39177516669bf699c74f7041 | 50b7c7a255858a85c4636a1e990ca04591153dca | +7
Debian | linux | < 6.12.73-1 | +1

Patches

🔴 Vulnerability Details (3)

OSV
CVE-2026-23200: In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix ECMP sibling count mismatch when clearing RTF_ADDRCONF syzbot reported a
2026-02-14
CVEList
ipv6: Fix ECMP sibling count mismatch when clearing RTF_ADDRCONF
2026-02-14
GHSA
GHSA-q4xx-rwj3-jf4m: In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix ECMP sibling count mismatch when clearing RTF_ADDRCONF syzbot reported
2026-02-14

📋 Vendor Advisories (2)

Red Hat
kernel: ipv6: Fix ECMP sibling count mismatch when clearing RTF_ADDRCONF
2026-02-14
Debian
CVE-2026-23200: linux - In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix E...
2026

🕵️ Threat Intelligence (1)
Wiz
CVE-2026-23200 Impact, Exploitability, and Mitigation Steps | Wiz
CVE-2026-23200 (MEDIUM CVSS 5.5) | In the Linux kernel | cvebase.io