PT-2026-30134 · Linux · Linux Kernel

Published 2026-04-03 · Updated 2026-04-25 · CVE-2026-23439

CVSS v3.1: 5.5 Medium

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

The Linux kernel contains a flaw in the udp_tunnel functionality. When the IPv6 configuration (CONFIG_IPV6) is disabled, the udp_sock_create6() function may return a success status without actually creating a socket. Subsequently, functions like fou_create() attempt to dereference an uninitialized socket pointer, leading to a NULL pointer dereference. The crash was captured with a BUG message indicating a kernel NULL pointer dereference at fou_nl_add_doit in net/ipv4/fou_core.c. The patch resolves this by making udp_sock_create6() return -EPFNOSUPPORT when CONFIG_IPV6 is disabled, ensuring callers handle the error appropriately. The issue is triggered only by privileged users.

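The failure mode in the description, as an added userspace C model (not kernel source and not part of the advisory): a stub that returns 0 without setting the socket pointer, next to one that returns -EPFNOSUPPORT, each fed to a caller that trusts the return code. All names (model_sock, stub_create6_before, stub_create6_after, model_caller) are hypothetical, and the NULL-initialised pointer is an assumption.

```c
/* Userspace model (constructed for illustration), not kernel source. */
#include <errno.h>
#include <stddef.h>
#include <stdio.h>

struct model_sock { int family; };          /* hypothetical stand-in for a socket */
typedef int (*create6_fn)(struct model_sock **sockp);

enum outcome { SOCKET_READY, ERROR_HANDLED, NULL_DEREF };

/* Stub behaviour the description reports with CONFIG_IPV6 disabled:
 * success is returned but *sockp is never written. */
static int stub_create6_before(struct model_sock **sockp)
{
    (void)sockp;
    return 0;
}

/* Stub behaviour after the patch: the caller gets an error instead. */
static int stub_create6_after(struct model_sock **sockp)
{
    (void)sockp;
    return -EPFNOSUPPORT;
}

/* Caller that trusts the return code, as the description says fou_create()
 * does. Where a real caller would read through sock, the model reports it. */
static enum outcome model_caller(create6_fn create6, int *err)
{
    struct model_sock *sock = NULL;         /* assumption: starts out NULL */

    *err = create6(&sock);
    if (*err < 0)
        return ERROR_HANDLED;               /* error path: sock is never touched */
    return sock ? SOCKET_READY : NULL_DEREF;
}

int main(void)
{
    int err;
    enum outcome o = model_caller(stub_create6_before, &err);
    printf("before: err=%d null_deref=%d\n", err, o == NULL_DEREF);
    o = model_caller(stub_create6_after, &err);
    printf("after:  err=%d handled=%d\n", err, o == ERROR_HANDLED);
    return 0;
}
```
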
Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

NULL Pointer Dereference

Related Identifiers

CVE-2026-23439
ECHO-CE67-A7FA-8648
OESA-2026-2075
OESA-2026-2077

Affected Products

Linux Kernel