CVE-2026-23381

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel's bridge networking component. When the system boots with IPv6 disabled ('ipv6.disable=1'), the neighbor discovery table (nd tbl) is not initialized. Subsequently, if neighbor suppression is enabled and an ICMPv6 Neighbor Discovery packet is received by the bridge, a NULL pointer dereference occurs when attempting to access the uninitialized nd tbl via the neigh lookup() function. This can lead to a kernel panic. The issue arises from the use of IS ENABLED(IPV6) which is replaced with ipv6 mod enabled() in the callers to disable NS/NA suppression when IPv6 is disabled.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.