A null pointer dereference in the Windows TCP/IP stack allows an attacker who can reach the target from an adjacent network to trigger a denial of service. The flaw does not require authentication and can be exploited by sending specially crafted packets that cause the kernel networking code to attempt to read a null pointer, resulting in a system crash or forced reboot. The vulnerability is classified as CWE‑476 and leads to loss of availability for the affected host.

Affected Windows operating systems include Windows 10 builds 1607, 1809, 21H2 and 22H2; Windows 11 builds 23H2, 24H2, 25H2, 22H3 and 26H1; and Windows Server editions 2012 (standard and Server Core), 2012 R2 (standard and Server Core), 2016, 2019, 2022, 2025 and the 23H2 Edition (Server Core). All listed builds are impacted when the network interfaces are reachable from an external or adjacent network.

The CVSS score of 7.4 categorizes this as a high‑severity vulnerability. Because the EPSS score is unavailable and the issue is not listed in the CISA KEV catalog, there is no publicly confirmed exploitation data, but the attack vector is presumed to be local‑network or adjacent‑network based on the description. An attacker does not need authentication; the flaw can be triggered by an unauthenticated user who can send traffic to the vulnerable TCP/IP stack, keying in on the null pointer dereference to cause a crash. The resulting denial of service can incapacitate critical services or render the host unreachable, impacting availability across the affected systems.