🔴 Critical | CVE-2026-53221 — In the Linux kernel, the following vulnerability h...
🔴 Critical security vulnerability: CVE-2026-53221
CVSS score: Critical (9.8) Status: Received Published: 2026-06-25
Original English description
In the Linux kernel, the following vulnerability has been resolved:
ip6_vti: fix incorrect tunnel matching in vti6_tnl_lookup()
In vti6_tnl_lookup(), when an exact match for a tunnel fails,
the code falls back to searching for wildcard tunnels:
- Tunnels matching the packet's local address, with any remote address
  (wildcard remote).
- Tunnels matching the packet's remote address, with any local address
  (wildcard local).
However, vti6 stores all these different types of tunnels in the same
hash table (ip6n->tnls_r_l) prone to hash collisions.
The bug is that the fallback search loops in vti6_tnl_lookup() were
missing checks to ensure that the candidate tunnel actually has
a wildcard address.
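A simplified user-space model of the lookup described above, added here as an illustration (not the kernel's code or the patch): 32-bit integers stand in for IPv6 addresses, and the names tnl, hash, in_bucket and lookup, the 4-bucket XOR hash and the sample tunnels are all assumptions. It shows a fully specified tunnel being returned by the wildcard-remote fallback when its bucket collides, next to the same lookup with the wildcard checks in place.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define NBUCKETS 4u /* tiny table so a collision is easy to construct */
#define ANY 0u      /* stands in for the all-zero wildcard address */

struct tnl { uint32_t laddr, raddr; const char *name; };

/* Constructed sample tunnels (hypothetical addresses, one shared table). */
static const struct tnl tunnels[] = {
    { 0x0a000001u, 0x0a000004u, "vti-exact" }, /* both ends specified */
    { 0x0a000002u, ANY,         "vti-wild"  }, /* wildcard remote */
};
#define NTUN (sizeof(tunnels) / sizeof(tunnels[0]))

static unsigned hash(uint32_t r, uint32_t l) { return (r ^ l) % NBUCKETS; }

/* Bucket membership is modelled by comparing each tunnel's own hash. */
static int in_bucket(const struct tnl *t, unsigned h) { return hash(t->raddr, t->laddr) == h; }

/* check_wildcard = 0 models the flawed fallback, 1 the corrected one. */
static const struct tnl *lookup(uint32_t remote, uint32_t local, int check_wildcard)
{
    const struct tnl *t;
    for (t = tunnels; t < tunnels + NTUN; t++) /* 1: exact match */
        if (in_bucket(t, hash(remote, local)) &&
            t->laddr == local && t->raddr == remote)
            return t;
    for (t = tunnels; t < tunnels + NTUN; t++) /* 2: wildcard remote */
        if (in_bucket(t, hash(ANY, local)) && t->laddr == local &&
            (!check_wildcard || t->raddr == ANY))
            return t;
    for (t = tunnels; t < tunnels + NTUN; t++) /* 3: wildcard local */
        if (in_bucket(t, hash(remote, ANY)) && t->raddr == remote &&
            (!check_wildcard || t->laddr == ANY))
            return t;
    return NULL;
}

int main(void)
{
    /* Packet to vti-exact's local address, but from a different remote. */
    const struct tnl *bad = lookup(0x0a000009u, 0x0a000001u, 0);
    const struct tnl *ok  = lookup(0x0a000009u, 0x0a000001u, 1);
    printf("unchecked: %s\n", bad ? bad->name : "(none)");
    printf("checked:   %s\n", ok ? ok->name : "(none)");
    return 0;
}
```

In this model the unchecked fallback returns "vti-exact" for a packet whose remote address that tunnel was never configured for, while the checked version returns no tunnel and still matches the genuine wildcard tunnel "vti-wild".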
🔍 Technical details
| Field | Value |
|---|---|
| CVE ID | CVE-2026-53221 |
| CVSS score | 9.8 🔴 |
| Severity | Critical |
| CVSS vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| Published | 2026-06-25 |
| Last updated | 2026-06-28 |
| Status | Received |
| Data source | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 |
🔗 References
https://git.kernel.org/stable/c/2abfb19bbb81958714ad1d43ebeb65b30394184b
https://git.kernel.org/stable/c/2fc7bc087cc7085368263d9d37bfe9a0bddd6a2d
https://git.kernel.org/stable/c/47fb3c2b4203556308e64354b3e78f2ce221d646
https://git.kernel.org/stable/c/90fd4513315ca07da99cfd8549d3e553a7160f0d
https://git.kernel.org/stable/c/a5c0359f5cbc51a2e2b114d6041e0f3c73f903e9
https://git.kernel.org/stable/c/c327fa4fca31415431202e063767a7ae342e19c6
https://git.kernel.org/stable/c/f513f308cc4bdb4530d033431592ffbc29b7fca1
https://git.kernel.org/stable/c/fc657ac0767c49839b3ef0b08dc0953ca30883f8
🤖 This article was generated automatically by the CVE security bulletin bot
Data source: NVD (National Vulnerability Database) | Retrieved: 2026-06-28 18:14