CVE-2026-53249
Received - Intake
Linux Kernel IPv4 LSRR/SSRR Option Privilege Restriction

Publication date: 2026-06-25

Last updated on: 2026-06-25

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved:

ipv4: restrict IPOPT_SSRR and IPOPT_LSRR options

This patch restricts setting Loose Source and Record Route (LSRR) and Strict Source and Record Route (SSRR) IP options to users with CAP_NET_RAW capability.

This prevents unprivileged applications from forcing packets to route through attacker-controlled nodes to leak TCP ISN and possibly other protocol information.

While LSRR and SSRR are commonly filtered in many network environments, they may still be supported and forwarded along some network paths.

RFC 7126 (Recommendations on Filtering of IPv4 Packets Containing IPv4 Options) recommends dropping these options in 4.3 and 4.4.
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel *
CWE ID Description
CWE-UNKNOWN
Executive Summary

This vulnerability in the Linux kernel involves the IPv4 options Loose Source and Record Route (LSRR) and Strict Source and Record Route (SSRR). Previously, unprivileged users could set these IP options, which allow packets to be routed through specific nodes.

Unprivileged applications could exploit this to force packets to route through attacker-controlled nodes, potentially leaking TCP Initial Sequence Numbers (ISN) and other protocol information.

The patch restricts setting these options to users with the CAP_NET_RAW capability, preventing unprivileged users from abusing them.

Impact Analysis

If exploited, this vulnerability could allow an attacker to force network packets to pass through nodes they control, which can lead to leakage of sensitive TCP protocol information such as Initial Sequence Numbers.

This information leakage could be used to facilitate further attacks on network communications, potentially compromising confidentiality and integrity of data.

Mitigation Strategies

To mitigate this vulnerability, run a kernel that includes this patch, which ensures that only users with the CAP_NET_RAW capability can set the Loose Source and Record Route (LSRR) and Strict Source and Record Route (SSRR) IP options.

Additionally, consider filtering or dropping IPv4 packets containing LSRR and SSRR options in your network, as recommended by RFC 7126.
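
The filtering check recommended above comes down to walking the IPv4 header options and looking for an LSRR or SSRR option type. The following is an added example, not code from the kernel patch or from this page; the function name ipv4_source_route_option and the sample headers are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* IPv4 option type values (RFC 791). */
#define OPT_END  0    /* end of option list */
#define OPT_NOOP 1    /* one-byte padding */
#define OPT_LSRR 131  /* loose source and record route */
#define OPT_SSRR 137  /* strict source and record route */

/* Returns OPT_LSRR or OPT_SSRR if the header carries one, 0 if it carries
 * neither, and -1 if the header or an option length is malformed. */
int ipv4_source_route_option(const uint8_t *pkt, size_t len)
{
    if (len < 20 || (pkt[0] >> 4) != 4)
        return -1;
    size_t hlen = (size_t)(pkt[0] & 0x0f) * 4;  /* IHL counts 32-bit words */
    if (hlen < 20 || hlen > len)
        return -1;
    for (size_t i = 20; i < hlen; ) {
        uint8_t type = pkt[i];
        if (type == OPT_END)
            break;
        if (type == OPT_NOOP) { i++; continue; }
        /* All other options are type, length, data; length covers all three. */
        if (i + 1 >= hlen || pkt[i + 1] < 2 || i + pkt[i + 1] > hlen)
            return -1;
        if (type == OPT_LSRR || type == OPT_SSRR)
            return type;
        i += pkt[i + 1];
    }
    return 0;
}

/* Constructed headers: only byte 0 (version/IHL) and the options are set. */
static const uint8_t PKT_PLAIN[20] = { 0x45 };
static const uint8_t PKT_LSRR[28] = { [0] = 0x47, [20] = 0x01, 0x83, 0x07, 0x04, 0xc0, 0x00, 0x02, 0x01 };
static const uint8_t PKT_SSRR[28] = { [0] = 0x47, [20] = 0x89, 0x07, 0x04, 0xc0, 0x00, 0x02, 0x01, 0x00 };
static const uint8_t PKT_BAD[24]  = { [0] = 0x46, [20] = 0x83, 0x20, 0x04, 0x00 };  /* length overruns header */

int main(void)
{
    printf("plain=%d lsrr=%d ssrr=%d bad=%d\n",
           ipv4_source_route_option(PKT_PLAIN, sizeof PKT_PLAIN),
           ipv4_source_route_option(PKT_LSRR, sizeof PKT_LSRR),
           ipv4_source_route_option(PKT_SSRR, sizeof PKT_SSRR),
           ipv4_source_route_option(PKT_BAD, sizeof PKT_BAD));
    return 0;
}
```

A filter built on this check would drop any packet for which the function returns a non-zero value, treating malformed option lists the same as source-routed ones.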
