Severity: Unknown
Affected Package: kernel
Summary: use-after-free in IP/IPv6 multicast source filter handling
IP_MSFILTER and IPV6_MSFILTER processing dropped the INP lock while holding pointers into mutable socket multicast membership data, creating a use-after-free race. Fixed by copying the source filter arrays before operating on socket multicast state. Ports the FreeBSD SA-26:29 ip6_multicast fix.
No specific recommendations provided.
Aliases: CVE-2026-49412
Published: June 11, 2026
Last Modified: June 11, 2026