SB20260113111 - Improper error handling in Linux kernel ipv6
Published: January 13, 2026
Security Bulletin ID
SB20260113111
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Improper error handling (CVE-ID: CVE-2025-71098)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the ip6gre_header() function in net/ipv6/ip6_gre.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/1717357007db150c2d703f13f5695460e960f26c
- https://git.kernel.org/stable/c/5fe210533e3459197eabfdbf97327dacbdc04d60
- https://git.kernel.org/stable/c/91a2b25be07ce1a7549ceebbe82017551d2eec92
- https://git.kernel.org/stable/c/adee129db814474f2f81207bd182bf343832a52e
- https://git.kernel.org/stable/c/db5b4e39c4e63700c68a7e65fc4e1f1375273476