In the Linux kernel, the following vulnerability has been resolved: ipv4: icmp: validate reply type before using icmppointers Extended echo replies use ICMPEXTECHOREPLY as the outbound reply type. That value is outside the range covered by icmppointers[], which only describes the traditional ICMP types up to NRICMPTYPES. Avoid consulting icmppointers[] for reply types outside that range, and use arrayindex_nospec() for the remaining in-range lookup. Normal ICMP replies keep their existing behavior unchanged.