CVE-2026-23304NULL Pointer Dereference in Linux

CWE-476NULL Pointer Dereference9 documents8 sources
Severity
5.5MEDIUM
No vector
EPSS
0.0%
top 90.94%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
LinuxLinux KernelDebian Linux+1 more
Timeline
PublishedMar 25

Description

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix NULL pointer deref in ip6_rt_get_dev_rcu() l3mdev_master_dev_rcu() can return NULL when the slave device is being un-slaved from a VRF. All other callers deal with this, but we lost the fallback to loopback in ip6_rt_pcpu_alloc() -> ip6_rt_get_dev_rcu() with commit 4832c30d5458 ("net: ipv6: put host and anycast routes on device with address"). KASAN: null-ptr-deref in range [0x0000000000000108-0x000000000000010f] RI

Affected Packages5 packages

Linuxlinux/linux_kernel4.14.06.1.167+4
Debianlinux/linux_kernel< 6.19.8-1
CVEListV5linux/linux4832c30d5458387ff2533ff66fbde26ad8bb5a2d4a48fe59f29f673a3d042d679f26629a9c3e29d4+6
debiandebian/linux< linux 6.19.8-1 (forky)

🔴Vulnerability Details

3
OSV
ipv6: fix NULL pointer deref in ip6_rt_get_dev_rcu()2026-03-25
OSV
CVE-2026-23304: In the Linux kernel, the following vulnerability has been resolved: ipv6: fix NULL pointer deref in ip6_rt_get_dev_rcu() l3mdev_master_dev_rcu() can r2026-03-25
GHSA
GHSA-3qgv-qj84-5mmh: In the Linux kernel, the following vulnerability has been resolved: ipv6: fix NULL pointer deref in ip6_rt_get_dev_rcu() l3mdev_master_dev_rcu() can2026-03-25

📋Vendor Advisories

3
Red Hat
kernel: ipv6: fix NULL pointer deref in ip6_rt_get_dev_rcu()2026-03-25
Microsoft
ipv6: fix NULL pointer deref in ip6_rt_get_dev_rcu()2026-03-10
Debian
CVE-2026-23304: linux - In the Linux kernel, the following vulnerability has been resolved: ipv6: fix N...2026

🕵️Threat Intelligence

1
Wiz
CVE-2026-23304 Impact, Exploitability, and Mitigation Steps | Wiz