Linux Kernel VTI6: netns_immutable flag set on fallback device: CVE-2026-52909 June 2026

Linux Kernel VTI6: netns_immutable flag set on fallback device
CVE-2026-52909 Published on June 19, 2026

ip6_vti: set netns_immutable on the fallback device.
In the Linux kernel, the following vulnerability has been resolved: ip6_vti: set netns_immutable on the fallback device. john1988 and Noam Rathaus reported that vti6_init_net() does not set the netns_immutable flag on the per-netns fallback tunnel device (ip6_vti0). Other similar tunnel drivers (like ip6_tunnel, sit, ip6_gre, and ip_tunnel) correctly set this flag during their fallback device initialization to prevent them from being moved to another network namespace.

Products Associated with CVE-2026-52909

Want to know whenever a new CVE is published for Linux Kernel? stack.watch will email you.

Affected Versions

Version 61220ab349485d911083d0b7990ccd3db6c63297 and below ecf8904067dcba0dad86ece80874841e60317885 is affected.

Version 61220ab349485d911083d0b7990ccd3db6c63297 and below dcdce3bc9f08026ff3739ee7339e1bef526fc5f3 is affected.

Version 61220ab349485d911083d0b7990ccd3db6c63297 and below d289d5307762d1838aaece22c6b6fcad9e8865f9 is affected.

Version 3.15 is affected.

Before 3.15 is unaffected.

Version 6.18.36, <= 6.18.* is unaffected.

Version 7.0.13, <= 7.0.* is unaffected.

Version 7.1, <= * is unaffected.

Linux Kernel VTI6: netns_immutable flag set on fallback deviceCVE-2026-52909 Published on June 19, 2026

Products Associated with CVE-2026-52909

Affected Versions

Linux Kernel VTI6: netns_immutable flag set on fallback device
CVE-2026-52909 Published on June 19, 2026