CVE Catalog

CVE-2026-46037

HighCVSS 8.2
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.44%

35th percentile - higher than 35% of all known CVEs

Summary

A vulnerability in the Linux kernel related to validating ICMP reply types before using ICMP pointers has been resolved. Extended echo replies use ICMP_EXT_ECHOREPLY, which is outside the range covered by icmp_pointers[].

Risk Assessment

Inadequate validation of ICMP reply types may lead to unexpected system behavior, posing a risk to the integrity and security of network communication.

Recommendation

It is recommended to update the Linux kernel to the latest version to benefit from the fixes related to ICMP reply type validation.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: ipv4: icmp: validate reply type before using icmp_pointers Extended echo replies use ICMP_EXT_ECHOREPLY as the outbound reply type. That value is outside the range covered by icmp_pointers[], which only describes the traditional ICMP types up to NR_ICMP_TYPES. Avoid consulting icmp_pointers[] for reply types outside that range, and use array_index_nospec() for the remaining in-range lookup. Normal ICMP replies keep their existing behavior unchanged.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS