CVE-2026-45850 PUBLISHED

ipvs: skip ipv6 extension headers for csum checks

Assigner: Linux
Reserved: 13.05.2026 Published: 27.05.2026 Updated: 27.05.2026

In the Linux kernel, the following vulnerability has been resolved:

ipvs: skip ipv6 extension headers for csum checks

Protocol checksum validation fails for IPv6 if there are extension headers before the protocol header. iph->len already contains its offset, so use it to fix the problem.

Product Status

Vendor	Linux
Product	Linux
Versions	Default: unaffected affected from 0bbdd42b7efa66685b6d74701bcde3a596a3a59d to a3ca27762ce8476b4fbf9b2a8f5cb74c38e483e4 (excl.) affected from 0bbdd42b7efa66685b6d74701bcde3a596a3a59d to 05cfe9863ef049d98141dc2969eefde72fb07625 (excl.)

Vendor	Linux
Product	Linux
Versions	Default: affected Version 2.6.28 is affected unaffected from 0 to 2.6.28 (excl.) unaffected from 6.19.4 to 6.19.* (incl.) unaffected from 7.0 to * (incl.)

References

https://git.kernel.org/stable/c/a3ca27762ce8476b4fbf9b2a8f5cb74c38e483e4
https://git.kernel.org/stable/c/05cfe9863ef049d98141dc2969eefde72fb07625