CVE-2026-45847
Awaiting Analysis Awaiting Analysis - Queue
Linux Kernel Forward Path Array Access Warning Removal

Publication date: 2026-05-27

Last updated on: 2026-05-27

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: net: remove WARN_ON_ONCE when accessing forward path array Although unlikely, recent support for IPIP tunnels increases chances of reaching this WARN_ON_ONCE if userspace manages to build a sufficiently long forward path. Remove it.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-27
Last Modified
2026-05-27
Generated
2026-06-16
AI Q&A
2026-05-27
EPSS Evaluated
2026-06-15
NVD
CVE-2026-45847
EUVD
EUVD-2026-32313
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Impact Analysis

The vulnerability is unlikely to have a significant impact since it mainly involves a warning being triggered in the kernel when accessing the forward path array under specific conditions involving IPIP tunnels.

If triggered, it could potentially cause unnecessary warnings or disruptions in kernel operation, but no direct security impact or exploitation details are provided.

Executive Summary

This vulnerability relates to the Linux kernel where a warning mechanism called WARN_ON_ONCE was triggered when accessing the forward path array. The issue arises particularly with recent support for IPIP tunnels, which can increase the chances of triggering this warning if userspace constructs a sufficiently long forward path.

The vulnerability was addressed by removing the WARN_ON_ONCE check to prevent this warning from occurring.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-45847. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart