CVE-2026-45850— ipvs: skip ipv6 extension headers for csum checks

AI Predicted 5.3 Difficulty: Moderate EPSS 0.02% · P7 Updated May 27, 2026

Possible ATT&CK Techniques 1AI

T1190 · Exploit Public-Facing Application

Affected Version Matrix 6

Vendor	Product	Version Range	Status
Linux	Linux	`0bbdd42b7efa66685b6d74701bcde3a596a3a59d< a3ca27762ce8476b4fbf9b2a8f5cb74c38e483e4`	affected
		`0bbdd42b7efa66685b6d74701bcde3a596a3a59d< 05cfe9863ef049d98141dc2969eefde72fb07625`	affected
		`2.6.28`	affected
		`< 2.6.28`	unaffected
		`6.19.4≤ 6.19.*`	unaffected
		`7.0≤ *`	unaffected

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-45850

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

ipvs: skip ipv6 extension headers for csum checks

Source: NVD (National Vulnerability Database)

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: ipvs: skip ipv6 extension headers for csum checks Protocol checksum validation fails for IPv6 if there are extension headers before the protocol header. iph->len already contains its offset, so use it to fix the problem.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Linux kernel 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞，该漏洞源于ipvs模块在计算IPv6校验和时未跳过扩展头，可能导致校验和验证失败。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Linux	Linux	0bbdd42b7efa66685b6d74701bcde3a596a3a59d ~ a3ca27762ce8476b4fbf9b2a8f5cb74c38e483e4	-
Linux	Linux	2.6.28	-

II. Public POCs for CVE-2026-45850

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2026-45850

请登录查看更多情报信息。

Patches & Fixes for CVE-2026-45850 (2)

https://nvd.nist.gov/vuln/detail/CVE-2026-45850

Same Patch Batch · Linux · 2026-05-27 · 276 CVEs total

CVE-2026-46039	9.8 CRITICAL	rxgk: Fix potential integer overflow in length check
CVE-2026-45898	9.8 CRITICAL	RDMA/iwcm: Fix workqueue list corruption by removing work_list
CVE-2026-45988	9.8 CRITICAL	rxrpc: Fix re-decryption of RESPONSE packets
CVE-2026-45972	9.8 CRITICAL	smb: client: fix potential UAF and double free in smb2_open_file()
CVE-2026-46043	9.1 CRITICAL	RDMA/rxe: Validate pad and ICRC before payload_size() in rxe_rcv
CVE-2026-46056	8.8 HIGH	Bluetooth: hci_event: fix potential UAF in SSP passkey handlers
CVE-2026-45945	8.8 HIGH	iommu/vt-d: Fix race condition during PASID entry replacement
CVE-2026-46037	8.2 HIGH	ipv4: icmp: validate reply type before using icmp_pointers
CVE-2026-45843	8.2 HIGH	slip: bound decode() reads against the compressed packet length
CVE-2026-46010	8.1 HIGH	rxrpc: Fix error handling in rxgk_extract_token()
CVE-2026-46099	8.1 HIGH	net: ipv6: fix NOREF dst use in seg6 and rpl lwtunnels
CVE-2026-46076	7.9 HIGH	KVM: nSVM: Raise #UD if unhandled VMMCALL isn't intercepted by L1
CVE-2026-45878	7.8 HIGH	drm/amdkfd: Fix watch_id bounds checking in debug address watch v2
CVE-2026-45959	7.8 HIGH	crypto: ccp - Fix a crash due to incorrect cleanup usage of kfree
CVE-2026-46011	7.8 HIGH	media: mtk-jpeg: fix use-after-free in release path due to uncancelled work
CVE-2026-45894	7.8 HIGH	iommu/vt-d: Clear Present bit before tearing down PASID entry
CVE-2026-46015	7.8 HIGH	tcp: call sk_data_ready() after listener migration
CVE-2026-45852	7.8 HIGH	RDMA/rxe: Fix double free in rxe_srq_from_init
CVE-2026-46053	7.8 HIGH	net: rds: fix MR cleanup on copy error
CVE-2026-45862	7.8 HIGH	iommu/vt-d: Flush cache for PASID table before using it

Showing top 20 of 276 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Linux

Same vendor: Linux

V. Comments for CVE-2026-45850

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2026-45850— ipvs: skip ipv6 extension headers for csum checks

Possible ATT&CK Techniques 1AI

Affected Version Matrix 6

I. Basic Information for CVE-2026-45850

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2026-45850

III. Intelligence Information for CVE-2026-45850

Patches & Fixes for CVE-2026-45850 (2)

Same Patch Batch · Linux · 2026-05-27 · 276 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2026-45850

Leave a comment