CVE-2026-52909— ip6_vti: set netns_immutable on the fallback device.
Possible ATT&CK Techniques 2AI
T1195 · Supply Chain Compromise T1543 · Create or Modify System ProcessAffected Version Matrix 8
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 61220ab349485d911083d0b7990ccd3db6c63297< ecf8904067dcba0dad86ece80874841e60317885 | affected |
61220ab349485d911083d0b7990ccd3db6c63297< dcdce3bc9f08026ff3739ee7339e1bef526fc5f3 | affected | ||
61220ab349485d911083d0b7990ccd3db6c63297< d289d5307762d1838aaece22c6b6fcad9e8865f9 | affected | ||
3.15 | affected | ||
< 3.15 | unaffected | ||
6.18.36≤ 6.18.* | unaffected | ||
7.0.13≤ 7.0.* | unaffected | ||
7.1≤ * | unaffected |
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-52909
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
ip6_vti: set netns_immutable on the fallback device.
Source: NVD (National Vulnerability Database)
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: ip6_vti: set netns_immutable on the fallback device. john1988 and Noam Rathaus reported that vti6_init_net() does not set the netns_immutable flag on the per-netns fallback tunnel device (ip6_vti0). Other similar tunnel drivers (like ip6_tunnel, sit, ip6_gre, and ip_tunnel) correctly set this flag during their fallback device initialization to prevent them from being moved to another network namespace.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2026-52909
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-52909
请登录查看更多情报信息。
Patches & Fixes for CVE-2026-52909 (3)
Same Patch Batch · Linux · 2026-06-19 · 3 CVEs total
| CVE-2026-52910 | bpf: Free reuseport cBPF prog after RCU grace period. | |
| CVE-2026-52908 | RDMA: During rereg_mr ensure that REREG_ACCESS is compatible |
IV. Related Vulnerabilities
Same product: Linux
- CVE-2026-52910
bpf: Free reuseport cBPF prog after RCU grace period. - CVE-2026-52908
RDMA: During rereg_mr ensure that REREG_ACCESS is compatible - CVE-2026-46331
net/sched: fix pedit partial COW leading to page cache corru - CVE-2026-52907
media: rockchip: rkcif: fix off by one bugs - CVE-2026-52906
9p: fix access mode flags being ORed instead of replaced
Same vendor: Linux
- CVE-2026-52910
bpf: Free reuseport cBPF prog after RCU grace period. - CVE-2026-52908
RDMA: During rereg_mr ensure that REREG_ACCESS is compatible - CVE-2026-46331
net/sched: fix pedit partial COW leading to page cache corru - CVE-2026-52907
media: rockchip: rkcif: fix off by one bugs - CVE-2026-52906
9p: fix access mode flags being ORed instead of replaced
V. Comments for CVE-2026-52909
No comments yet