In the Linux kernel, the following vulnerability has been resolved:
ipv4: icmp: validate reply type before using icmp_pointers
Extended echo replies use ICMPEXTECHOREPLY as the outbound reply type. That value is outside the range covered by icmppointers[], which only describes the traditional ICMP types up to NRICMP_TYPES.
Avoid consulting icmppointers[] for reply types outside that range, and use arrayindex_nospec() for the remaining in-range lookup. Normal ICMP replies keep their existing behavior unchanged.
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/46xxx/CVE-2026-46037.json",
"cna_assigner": "Linux"
}