CVE-2026-45847

5.5 MEDIUM

Published: May 27, 2026 Modified: June 25, 2026

Description

In the Linux kernel, the following vulnerability has been resolved: net: remove WARN_ON_ONCE when accessing forward path array Although unlikely, recent support for IPIP tunnels increases chances of reaching this WARN_ON_ONCE if userspace manages to build a sufficiently long forward path. Remove it.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0

Vector String

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

https://git.kernel.org/stable/c/008e7a7c293b30bc43e4368dac6ea3808b75a572

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/50422613185d505201167e8bdd2f2700790d5db6

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/548244c2f542aa0ad49453e9306e715a3877bc44

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/9464ca7a6e56ad1ebf48b2ad5c16871edfad10c6

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/959ea349c7e2d4edf07b6838ca7e59345fe61a08

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/a78d055ba7c31103ad02f8eceb0c452e154d2660

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/dcf9b3c90e5560339649d088836529883fb509f3

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

7 reference(s) from NVD

Quick Stats

CVSS v3 Score

5.5 / 10.0

EPSS (Exploit Probability)

0.2%

5th percentile

Exploitation Status

Not in CISA KEV

Weaknesses (CWE)

CWE-617

Affected Vendors

linux

Related CVEs

CVE-2026-9677 N/A

CVE-2026-13245 6.1

CVE-2026-12404 5.3

CVE-2026-10820 N/A

CVE-2026-12415 9.8