Always-Incorrect Control Flow Implementation in Linux kernel - CVE-2026-46244
Published: June 4, 2026
Vulnerability identifier: #VU133346
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2026-46244
CWE-ID: CWE-670
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Linux Foundation
Affected software:
Linux kernel
Linux kernel
Detailed vulnerability description
The vulnerability allows a remote attacker to bypass firewall restrictions.
The vulnerability exists due to improper handling of the transport header offset in nft_inner_parse_l2l3() in net/netfilter/nft_inner.c when processing inner IPv6 packets with extension headers. A remote attacker can send specially crafted packets to bypass firewall restrictions.
The issue causes a desynchronization between inner_thoff and l4proto, allowing transport header forgery in the inner IPv6 parsing path.
How to mitigate CVE-2026-46244
Install security update from vendor's repository.
Sources
- https://git.kernel.org/stable/c/689bbf48c1f45130086ae1c46ab83ea4c753c601
- https://git.kernel.org/stable/c/870d59e2cf218e7418491e26bad768cb16654582
- https://git.kernel.org/stable/c/b6a91f68ebfed9c38e0e9150f58a9b85da07181c
- https://git.kernel.org/stable/c/c161ad9157f5a0429b5ff94d9770faf3bf48d273
- https://git.kernel.org/stable/c/d0f98a3617f6ae5b1e95cde1e68e7ead4a1279ce