FKIE_CVE-2026-52985
Vulnerability from fkie_nvd - Published: 2026-06-24 17:17 - Updated: 2026-06-24 17:17
Severity
Summary
In the Linux kernel, the following vulnerability has been resolved:
netdevsim: zero initialize struct iphdr in dummy sk_buff
Syzbot reports a KMSAN uninit-value originating from
nsim_dev_trap_skb_build, with the allocation also
being performed in the same function.
Fix this by calling skb_put_zero instead of skb_put to
guarantee zero initialization of the whole IP header.
References
Impacted products
| Vendor | Product | Version |
|---|
{
"affected": [
{
"affectedData": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/netdevsim/dev.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "175556c049eaec14efde8c6475e763b7579b9de7",
"status": "affected",
"version": "da58f90f11f597520f226caff1d3cfc115abedc9",
"versionType": "git"
},
{
"lessThan": "6e2cfd0904976e701d7a76b86b694e72af230ab0",
"status": "affected",
"version": "da58f90f11f597520f226caff1d3cfc115abedc9",
"versionType": "git"
},
{
"lessThan": "1b7b6ae0e93b8d512e208b1378d74af052e4f4e7",
"status": "affected",
"version": "da58f90f11f597520f226caff1d3cfc115abedc9",
"versionType": "git"
},
{
"lessThan": "818f7673ed7f4a29d4b9cee8184c47d6e57162b4",
"status": "affected",
"version": "da58f90f11f597520f226caff1d3cfc115abedc9",
"versionType": "git"
},
{
"lessThan": "978ca6ff789f1f19c03288ac20cc1f4774e88490",
"status": "affected",
"version": "da58f90f11f597520f226caff1d3cfc115abedc9",
"versionType": "git"
},
{
"lessThan": "750d0091bebf44975421268d37484ef87060d263",
"status": "affected",
"version": "da58f90f11f597520f226caff1d3cfc115abedc9",
"versionType": "git"
},
{
"lessThan": "bc6002865e8c4fcf9e94975f7cf023448d8764e2",
"status": "affected",
"version": "da58f90f11f597520f226caff1d3cfc115abedc9",
"versionType": "git"
},
{
"lessThan": "35eaa6d8d6c2ee65e96f507add856e0eacf24591",
"status": "affected",
"version": "da58f90f11f597520f226caff1d3cfc115abedc9",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/netdevsim/dev.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.4"
},
{
"lessThan": "5.4",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.258",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.209",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.175",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.141",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"version": "6.12.91",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.18.*",
"status": "unaffected",
"version": "6.18.33",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.*",
"status": "unaffected",
"version": "7.0.10",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "7.1",
"versionType": "original_commit_for_fix"
}
]
}
],
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetdevsim: zero initialize struct iphdr in dummy sk_buff\n\nSyzbot reports a KMSAN uninit-value originating from\nnsim_dev_trap_skb_build, with the allocation also\nbeing performed in the same function.\n\nFix this by calling skb_put_zero instead of skb_put to\nguarantee zero initialization of the whole IP header."
}
],
"id": "CVE-2026-52985",
"lastModified": "2026-06-24T17:17:09.260",
"metrics": {},
"published": "2026-06-24T17:17:09.260",
"references": [
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/175556c049eaec14efde8c6475e763b7579b9de7"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/1b7b6ae0e93b8d512e208b1378d74af052e4f4e7"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/35eaa6d8d6c2ee65e96f507add856e0eacf24591"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/6e2cfd0904976e701d7a76b86b694e72af230ab0"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/750d0091bebf44975421268d37484ef87060d263"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/818f7673ed7f4a29d4b9cee8184c47d6e57162b4"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/978ca6ff789f1f19c03288ac20cc1f4774e88490"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/bc6002865e8c4fcf9e94975f7cf023448d8764e2"
}
],
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"vulnStatus": "Received"
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…