GHSA-4q3h-784r-7xp4HighCVSS 7.8

In the Linux kernel, the following vulnerability has been resolved: ip6_vti: set netns_immutable...

Published
June 19, 2026
Last Modified
June 28, 2026

🔗 CVE IDs covered (1)

📋 Description

In the Linux kernel, the following vulnerability has been resolved:

ip6_vti: set netns_immutable on the fallback device.

john1988 and Noam Rathaus reported that vti6_init_net() does not set the netns_immutable flag on the per-netns fallback tunnel device (ip6_vti0).

Other similar tunnel drivers (like ip6_tunnel, sit, ip6_gre, and ip_tunnel) correctly set this flag during their fallback device initialization to prevent them from being moved to another network namespace.

🔗 References (5)