CVE Catalog

CVE-2026-45847

MediumCVSS 5.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.16%

5th percentile - higher than 5% of all known CVEs

Summary

In the Linux kernel, the WARN_ON_ONCE warning when accessing the forward path array has been removed. Support for IPIP tunnels increased the likelihood of hitting this warning if userspace builds a sufficiently long forward path.

Risk Assessment

The warning could cause unnecessary logs and potential kernel panics, leading to system instability.

Recommendation

It is recommended to update the Linux kernel to a version containing this fix to avoid false warnings and improve stability.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: net: remove WARN_ON_ONCE when accessing forward path array Although unlikely, recent support for IPIP tunnels increases chances of reaching this WARN_ON_ONCE if userspace manages to build a sufficiently long forward path. Remove it.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS