Zephyr's IPv6 network stack can be prevented from receiving or processing future incoming packets by sending a small number of maliciously fragmented IPv6 packets. When such a packet is handled by the fragment-header processing path, the associated RX network packet buffer (allocated from a memory slab) is not released back to the pool. Repeating the malicious packet exhausts all RX buffer slots, after which the device can no longer obtain RX buffers and stops receiving traffic, resulting in a denial of service.
References
Configurations
No configuration.
History
25 Jun 2026, 17:16
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2026-06-25 17:16
Updated : 2026-06-25 19:16
NVD link : CVE-2026-13351
Mitre link : CVE-2026-13351
CVE.ORG link : CVE-2026-13351
JSON object : View
Products Affected
No product.
CWE
CWE-772
Missing Release of Resource after Effective Lifetime
