CVE-2026-49412 – Use-after-free bug in the IPV6_MSFILTER socket option handler

CVE ID :CVE-2026-49412

Published : June 27, 2026, 9:02 a.m. | 42 minutes ago

Description :The kernel handler for IPV6_MSFILTER dropped a serializing lock in order to copy the source-filter list from userspace, then reacquired the lock. During this window another thread could free the multicast filter structure, leaving the handler with a stale pointer to freed memory.

An unprivileged local user can exploit this use-after-free to escalate privileges.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…