CVE-2026-14258
Last modified
CVE-2026-14258 is a medium-severity vulnerability rated 6.5/10 on the CVSS scale. A flaw was found in dhcpcd's IPv6 Neighbor Discovery Router Advertisement processing. A specially crafted IPv6 Router Advertisement containing a zero-length Neighbor Discovery option can bypass validation during packet storage and later be reparsed without adequate validation, causing the parser to enter a non-advancing loop.
Description
A flaw was found in dhcpcd's IPv6 Neighbor Discovery Router Advertisement processing. A specially crafted IPv6 Router Advertisement containing a zero-length Neighbor Discovery option can bypass validation during packet storage and later be reparsed without adequate validation, causing the parser to enter a non-advancing loop. Successful exploitation may result in excessive CPU consumption, leading to a denial of service.
Metrics
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Weakness Enumeration
Affected Software
Source: CNA advisory (CVE.org). NVD analysis pending.
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | Red Hat Enterprise Linux 10 | All versions |
References
Timeline
- Published
- Last Modified
- Status
- Awaiting Analysis
Frequently Asked Questions
What is CVE-2026-14258?
How severe is CVE-2026-14258?
How do I fix CVE-2026-14258?
Related CVEs from 2026
- CVE-2026-14241Memory safety bugs present in Firefox 152.0.3. Some of these…9.8
- CVE-2026-14244The Jssor Slider by jssor.com plugin for WordPress is vulner…7.5
- CVE-2026-14245The miniOrange OTP Login, Verification and SMS Notifications…9.8
- CVE-2026-14249The Request a Quote plugin for WordPress is vulnerable to Co…7.5
- CVE-2026-1425A security flaw has been discovered in pymumu SmartDNS up to…6.3
- CVE-2026-14250The Themehunk Login Registration plugin for WordPress is vul…6.3
- CVE-2026-1426The Advanced AJAX Product Filters plugin for WordPress is vu…8.8
- CVE-2026-14261A vulnerability in the Xerte Online Tools allows for authent…9.1
- CVE-2026-14265Deserialization of untrusted data in the RemoteQueryCachePlu…8.8
- CVE-2026-1427Single Sign-On Portal System developed by WellChoose has a O…8.8
- CVE-2026-14278Rejected reason: After further coordination, CVE was determi…
- CVE-2026-1428Single Sign-On Portal System developed by WellChoose has a O…8.8
Are you affected by CVE-2026-14258?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST
