Back to overview

CVE-2026-52909

Description
In the Linux kernel, the following vulnerability has been resolved: ip6_vti: set netns_immutable on the fallback device. john1988 and Noam Rathaus reported that vti6_init_net() does not set the netns_immutable flag on the per-netns fallback tunnel device (ip6_vti0). Other similar tunnel drivers (like ip6_tunnel, sit, ip6_gre, and ip_tunnel) correctly set this flag during their fallback device initialization to prevent them from being moved to another network namespace.

Metadata

CVE ID
CVE-2026-52909
State
PUBLISHED
Assigner
Linux
Reserved
2026-06-09 07:44 UTC
Published
2026-06-19 14:43 UTC
Last updated
2026-06-19 14:43 UTC
Vendor / Product
Linux / Linux
Sources
cve.org  ·  NVD

Severity & Metrics

No CVSS data available.

Affected products (2)
VendorProductPlatformVersions
Linux Linux 61220ab349485d911083d0b7990ccd3db6c63297 < ecf8904067dcba0dad86ece80874841e60317885, 61220ab349485d911083d0b7990ccd3db6c63297 < dcdce3bc9f08026ff3739ee7339e1bef526fc5f3, 61220ab349485d911083d0b7990ccd3db6c63297 < d289d5307762d1838aaece22c6b6fcad9e8865f9
Linux Linux 3.15, 0 < 3.15, 6.18.36 ≤ 6.18.*, 7.0.13 ≤ 7.0.* …
References (3)
Back to overview