Description
In the Linux kernel, the following vulnerability has been resolved:

ipv6: prevent possible UaF in addrconf_permanent_addr()

The mentioned helper tries to warn the user about an exceptional
condition, but the message is delivered too late, accessing the ipv6
after its possible deletion.

Reorder the statement to avoid the possible UaF; while at it, place the
warning outside the idev->lock as it needs no protection.
Published: 2026-05-08
Score: 7.8 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

In the Linux kernel, the helper addrconf_permanent_addr contains logic that warns users of an exceptional condition after the IPv6 address structure may already have been freed. The message is delivered too late, so the code can access memory that has potentially been reclaimed, creating a classic use‑after‑free flaw.

Affected Systems

All Linux kernel implementations are affected; the vulnerability exists until the patch that reorders the warning and moves it outside the idev->lock guard is applied.

Risk and Exploitability

The use‑after‑free flaw exists in the kernel's IPv6 address configuration code. An attacker may trigger the vulnerable code path by allocating and deleting IPv6 addresses, which can happen during normal network operations. Because the flaw arises inside privileged kernel code, successful exploitation would likely require local privileged execution or remote network-based manipulation of IPv6 traffic. The CVSS score of 7.8 indicates high severity, though the EPSS score of less than 1% suggests a low probability of exploitation at this time. The vulnerability is not listed in the CISA KEV catalog. Depending on the attacker’s capabilities, exploitation could lead to kernel memory corruption, resulting in denial of service or privilege escalation, but the public description does not specify the exact outcome.

Generated by OpenCVE AI on May 15, 2026 at 13:27 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest stable kernel update that includes the fix for the addrconf_permanent_addr use‑after‑free bug.
  • If an immediate kernel upgrade is not possible, disable IPv6 on the affected machines to eliminate the vulnerable code path until the patch is available.
  • Monitor system logs and kernel integrity for signs of abnormal behavior, and consider hardening measures such as SELinux enforcement or disabling loadable modules until the fix is deployed.

Advisories

Source: Debian DLA
ID: DLA-4606-1
Title: linux security update
History

(Each entry lists the change type followed by the values removed or added.)

Fri, 15 May 2026 20:00:00 +0000
  CPEs:
    cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:7.0:rc5:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:7.0:rc6:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:7.0:rc7:*:*:*:*:*:*

Fri, 15 May 2026 12:15:00 +0000
  (no values listed)

Mon, 11 May 2026 15:15:00 +0000
  Weaknesses: CWE-416

Mon, 11 May 2026 09:15:00 +0000
  Weaknesses: CWE-416

Mon, 11 May 2026 07:45:00 +0000
  Metrics: cvssV3_1 {'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

Fri, 08 May 2026 21:00:00 +0000
  Weaknesses: CWE-416

Fri, 08 May 2026 14:00:00 +0000
  Description: In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent possible UaF in addrconf_permanent_addr() The mentioned helper tries to warn the user about an exceptional condition, but the message is delivered too late, accessing the ipv6 after its possible deletion. Reorder the statement to avoid the possible UaF; while at it, place the warning outside the idev->lock as it needs no protection.
  Title: ipv6: prevent possible UaF in addrconf_permanent_addr()
  First Time appeared: Linux; Linux linux Kernel
  CPEs: cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
  Vendors & Products: Linux; Linux linux Kernel
MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-05-11T22:22:39.430Z

Reserved: 2026-05-01T14:12:56.003Z

Link: CVE-2026-43339

cve-icon Vulnrichment

No data.

NVD

Status: Analyzed

Published: 2026-05-08T14:16:43.777

Modified: 2026-05-15T19:50:34.110

Link: CVE-2026-43339

Redhat

Severity: Moderate

Public Date: 2026-05-08T00:00:00Z

Links: CVE-2026-43339 - Bugzilla

OpenCVE Enrichment

Updated: 2026-05-15T13:30:45Z

Weaknesses