CVE-2026-23003

UNKNOWN

中文标题:

（暂无数据）

英文标题:

In the Linux kernel, the following vulnerability has been resolved: ip6_tunnel: use skb_vlan_inet_p

CVSS分数: N/A

发布时间: 2026-01-25 15:15:55

漏洞类型: （暂无数据）

状态: PUBLISHED

数据质量分数: 0.30

数据版本: v2

漏洞描述

中文描述:

（暂无数据）

英文描述:

In the Linux kernel, the following vulnerability has been resolved: ip6_tunnel: use skb_vlan_inet_prepare() in __ip6_tnl_rcv() Blamed commit did not take care of VLAN encapsulations as spotted by syzbot [1]. Use skb_vlan_inet_prepare() instead of pskb_inet_may_pull(). [1] BUG: KMSAN: uninit-value in __INET_ECN_decapsulate include/net/inet_ecn.h:253 [inline] BUG: KMSAN: uninit-value in INET_ECN_decapsulate include/net/inet_ecn.h:275 [inline] BUG: KMSAN: uninit-value in IP6_ECN_decapsulate+0x7a8/0x1fa0 include/net/inet_ecn.h:321 __INET_ECN_decapsulate include/net/inet_ecn.h:253 [inline] INET_ECN_decapsulate include/net/inet_ecn.h:275 [inline] IP6_ECN_decapsulate+0x7a8/0x1fa0 include/net/inet_ecn.h:321 ip6ip6_dscp_ecn_decapsulate+0x16f/0x1b0 net/ipv6/ip6_tunnel.c:729 __ip6_tnl_rcv+0xed9/0x1b50 net/ipv6/ip6_tunnel.c:860 ip6_tnl_rcv+0xc3/0x100 net/ipv6/ip6_tunnel.c:903 gre_rcv+0x1529/0x1b90 net/ipv6/ip6_gre.c:-1 ip6_protocol_deliver_rcu+0x1c89/0x2c60 net/ipv6/ip6_input.c:438 ip6_input_finish+0x1f4/0x4a0 net/ipv6/ip6_input.c:489 NF_HOOK include/linux/netfilter.h:318 [inline] ip6_input+0x9c/0x330 net/ipv6/ip6_input.c:500 ip6_mc_input+0x7ca/0xc10 net/ipv6/ip6_input.c:590 dst_input include/net/dst.h:474 [inline] ip6_rcv_finish+0x958/0x990 net/ipv6/ip6_input.c:79 NF_HOOK include/linux/netfilter.h:318 [inline] ipv6_rcv+0xf1/0x3c0 net/ipv6/ip6_input.c:311 __netif_receive_skb_one_core net/core/dev.c:6139 [inline] __netif_receive_skb+0x1df/0xac0 net/core/dev.c:6252 netif_receive_skb_internal net/core/dev.c:6338 [inline] netif_receive_skb+0x57/0x630 net/core/dev.c:6397 tun_rx_batched+0x1df/0x980 drivers/net/tun.c:1485 tun_get_user+0x5c0e/0x6c60 drivers/net/tun.c:1953 tun_chr_write_iter+0x3e9/0x5c0 drivers/net/tun.c:1999 new_sync_write fs/read_write.c:593 [inline] vfs_write+0xbe2/0x15d0 fs/read_write.c:686 ksys_write fs/read_write.c:738 [inline] __do_sys_write fs/read_write.c:749 [inline] __se_sys_write fs/read_write.c:746 [inline] __x64_sys_write+0x1fb/0x4d0 fs/read_write.c:746 x64_sys_call+0x30ab/0x3e70 arch/x86/include/generated/asm/syscalls_64.h:2 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0xd3/0xf80 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f Uninit was created at: slab_post_alloc_hook mm/slub.c:4960 [inline] slab_alloc_node mm/slub.c:5263 [inline] kmem_cache_alloc_node_noprof+0x9e7/0x17a0 mm/slub.c:5315 kmalloc_reserve+0x13c/0x4b0 net/core/skbuff.c:586 __alloc_skb+0x805/0x1040 net/core/skbuff.c:690 alloc_skb include/linux/skbuff.h:1383 [inline] alloc_skb_with_frags+0xc5/0xa60 net/core/skbuff.c:6712 sock_alloc_send_pskb+0xacc/0xc60 net/core/sock.c:2995 tun_alloc_skb drivers/net/tun.c:1461 [inline] tun_get_user+0x1142/0x6c60 drivers/net/tun.c:1794 tun_chr_write_iter+0x3e9/0x5c0 drivers/net/tun.c:1999 new_sync_write fs/read_write.c:593 [inline] vfs_write+0xbe2/0x15d0 fs/read_write.c:686 ksys_write fs/read_write.c:738 [inline] __do_sys_write fs/read_write.c:749 [inline] __se_sys_write fs/read_write.c:746 [inline] __x64_sys_write+0x1fb/0x4d0 fs/read_write.c:746 x64_sys_call+0x30ab/0x3e70 arch/x86/include/generated/asm/syscalls_64.h:2 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0xd3/0xf80 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f CPU: 0 UID: 0 PID: 6465 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(none) Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025

CWE类型:

（暂无数据）

受影响产品

厂商	产品	版本	版本范围	平台	CPE
Linux	Linux	a9bc32879a08f23cdb80a48c738017e39aea1080	-	-	`cpe:2.3:a:linux:linux:a9bc32879a08f23cdb80a48c738017e39aea1080:::::::*`
Linux	Linux	af6b5c50d47ab43e5272ad61935d0ed2e264d3f0	-	-	`cpe:2.3:a:linux:linux:af6b5c50d47ab43e5272ad61935d0ed2e264d3f0:::::::*`
Linux	Linux	d54e4da98bbfa8c257bdca94c49652d81d18a4d8	-	-	`cpe:2.3:a:linux:linux:d54e4da98bbfa8c257bdca94c49652d81d18a4d8:::::::*`
Linux	Linux	350a6640fac4b53564ec20aa3f4a0922cb0ba5e6	-	-	`cpe:2.3:a:linux:linux:350a6640fac4b53564ec20aa3f4a0922cb0ba5e6:::::::*`
Linux	Linux	c835df3bcc14858ae9b27315dd7de76370b94f3a	-	-	`cpe:2.3:a:linux:linux:c835df3bcc14858ae9b27315dd7de76370b94f3a:::::::*`
Linux	Linux	6.8	-	-	`cpe:2.3:a:linux:linux:6.8:::::::*`

解决方案

中文解决方案:

（暂无数据）

英文解决方案:

（暂无数据）

临时解决方案:

（暂无数据）

参考链接

416baaa9-dc9f-4396-8d5f-8c081fb06d67 OTHER
nvd.nist.gov

访问

416baaa9-dc9f-4396-8d5f-8c081fb06d67 OTHER
nvd.nist.gov

访问

416baaa9-dc9f-4396-8d5f-8c081fb06d67 OTHER
nvd.nist.gov

访问

CVSS评分详情

暂无CVSS评分信息

时间信息

发布时间:

2026-01-25 15:15:55

修改时间:

2026-01-25 15:15:55

创建时间:

2026-01-26 02:11:31

更新时间:

2026-01-26 06:00:01

利用信息

暂无可利用代码信息

数据源详情

数据源	记录ID	版本	提取时间
NVD	`nvd_CVE-2026-23003`	2026-01-26 02:00:05	2026-01-25 18:11:31
CVE	`cve_CVE-2026-23003`	2026-01-26 02:40:11	2026-01-25 22:00:01

版本与语言

当前版本: v2

主要语言: EN

支持语言:

安全公告

暂无安全公告信息

变更历史

v2 CVE

2026-01-26 06:00:01

affected_products_count: 0 → 6; data_sources: ['nvd'] → ['cve', 'nvd']

查看详细变更

affected_products_count: 0 -> 6
data_sources: ['nvd'] -> ['cve', 'nvd']

CVE-2026-23003

中文标题:

（暂无数据）

英文标题:

In the Linux kernel, the following vulnerability has been resolved: ip6_tunnel: use skb_vlan_inet_p

漏洞描述

中文描述:

英文描述:

CWE类型:

标签:

受影响产品

解决方案

中文解决方案:

英文解决方案:

临时解决方案:

参考链接

CVSS评分详情

时间信息

利用信息

数据源详情

版本与语言

安全公告

变更历史