CVE-2026-45844

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description An issue exists in the netfilter arp tables component regarding the parsing of ARP payloads for IEEE1394 (FireWire) interfaces. The arp packet match() function incorrectly assumes that both source and target hardware addresses are present, whereas IPv4-over-IEEE1394 ARP (RFC 2734) omits the target hardware address. This causes the function to read incorrect bytes for target device address and target IP address comparisons, leading to incorrect filtering decisions where packets may be dropped or accepted erroneously.

Additionally, the arpt mangle function uses linear pointer arithmetic that miscalculates the offset for the target IP address on IEEE1394 devices. This results in mangling operations writing to the wrong memory location, causing packet corruption.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.