CVE-2026-46037 | Linux Kernel up to 6.6.139/6.12.85/6.18.26/7.0.3 ipv4 array_index_nospec icmp_pointers[] privilege escalation

Inserito da Angelo Barbosa | Mag 27, 2026 | CVE

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.6.139/6.12.85/6.18.26/7.0.3. Affected by this vulnerability is the function array_index_nospec of the component ipv4. The manipulation of the argument icmp_pointers[] leads to privilege escalation.

This vulnerability is documented as CVE-2026-46037. The attack requires being on the local network. There is not any exploit available.

It is advisable to upgrade the affected component.

CVE-2026-46037 | Linux Kernel up to 6.6.139/6.12.85/6.18.26/7.0.3 ipv4 array_index_nospec icmp_pointers[] privilege escalation

Post correlati

CVE-2019-25625 | Pixarra Blob Studio 2.17 improper validation of specified index, position, or offset in input (Exploit 46129 / EDB-46129)

CVE-2024-25107 | miraheze WikiDiscover Special:WikiDiscover Language::date cross site scripting (GHSA-cfcf-94jv-455f)

CVE-2024-47258 | 2N Access Commander up to 2.1 channel accessible

CVE-2026-2734 | MLflow up to 3.9.x REST API BEFORE_REQUEST_VALIDATORS/AFTER_REQUEST_HANDLERS access control