CVE-2026-22988

Source
https://cve.org/CVERecord?id=CVE-2026-22988
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-22988.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2026-22988
Downstream
Related
Published
2026-01-23T15:24:09.756Z
Modified
2026-07-09T18:29:35.652311477Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
arp: do not assume dev_hard_header() does not change skb->head
Details

In the Linux kernel, the following vulnerability has been resolved:

arp: do not assume devhardheader() does not change skb->head

arpcreate() is the only devhard_header() caller making assumption about skb->head being unchanged.

A recent commit broke this assumption.

Initialize @arp pointer after devhardheader() call.

Database specific
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/22xxx/CVE-2026-22988.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
17e7386234f740f3e7d5e58a47b5847ea34c3bc2
Fixed
e432dbff342b95fe44645f9a90fcf333c80f4b5e
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
41a1a3140aff295dee8063906f70a514548105e8
Fixed
393525dee5c39acff8d6705275d7fcaabcfb7f0a
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
adee129db814474f2f81207bd182bf343832a52e
Fixed
70bddc16491ef4681f3569b3a2c80309a3edcdd1
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
1717357007db150c2d703f13f5695460e960f26c
Fixed
029935507d0af6553c45380fbf6feecf756fd226
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
5fe210533e3459197eabfdbf97327dacbdc04d60
Fixed
dd6ccec088adff4bdf33e2b2dd102df20a7128fa
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
91a2b25be07ce1a7549ceebbe82017551d2eec92
Fixed
949647e7771a4a01963fe953a96d81fba7acecf3
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
db5b4e39c4e63700c68a7e65fc4e1f1375273476
Fixed
c92510f5e3f82ba11c95991824a41e59a9c5ed81

Affected versions

v6.*
v6.1.160
v6.12.64
v6.12.65
v6.18.4
v6.18.5
v6.6.120

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-22988.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.1.160
Fixed
6.1.161
Type
ECOSYSTEM
Events
Introduced
6.6.120
Fixed
6.6.121
Type
ECOSYSTEM
Events
Introduced
6.12.64
Fixed
6.12.66
Type
ECOSYSTEM
Events
Introduced
6.18.4
Fixed
6.18.6

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-22988.json"