CVE-2026-23254 | Linux Kernel up to 6.6.123/6.12.69/6.18.9 Tun Driver udp4_gro_complete injection

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.6.123/6.12.69/6.18.9. Affected is the function udp4_gro_complete of the component Tun Driver. The manipulation results in injection.

This vulnerability is known as CVE-2026-23254. Access to the local network is required for this attack. No exploit is available.

You should upgrade the affected component.VulDB Recent EntriesRead More