CVE-2026-45847
MediumCVSS 5.5Exploitation Probability (EPSS)
Low risk5th percentile - higher than 5% of all known CVEs
Summary
In the Linux kernel, the WARN_ON_ONCE warning when accessing the forward path array has been removed. Support for IPIP tunnels increased the likelihood of hitting this warning if userspace builds a sufficiently long forward path.
Risk Assessment
The warning could cause unnecessary logs and potential kernel panics, leading to system instability.
Recommendation
It is recommended to update the Linux kernel to a version containing this fix to avoid false warnings and improve stability.
Original NVD description (English source)
In the Linux kernel, the following vulnerability has been resolved: net: remove WARN_ON_ONCE when accessing forward path array Although unlikely, recent support for IPIP tunnels increases chances of reaching this WARN_ON_ONCE if userspace manages to build a sufficiently long forward path. Remove it.

