Primary

Context

Linux Kernel NULL Dereference Vulnerability in IPv6 IOAM Component

Vulnerability

Patched

A vulnerability in the Linux kernel's IPv6 IOAM (In-situ Operations, Administration, and Maintenance) implementation could lead to NULL pointer dereferences. This issue arises in the '__ioam6_fill_trace_data' function, where the code fails to properly check for NULL values in certain device-related functions. The vulnerability has been addressed by adding the necessary NULL checks and updating the data handling to prevent potential crashes.

Impact

Exploitation of this vulnerability could lead to NULL pointer dereferences, causing a kernel crash or denial of service.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been fixed. Instructions for downloading the patched version are available on the official Linux kernel website.

Added: May 6, 2026, 10:42 AM

Updated: May 6, 2026, 10:42 AM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

7.7

relevance

7.6

threat

3.2

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

7.7

relevance

7.6

threat

3.2

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel NULL Dereference Vulnerability in IPv6 IOAM Component

Vulnerability

Impact

Remediation

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating