CVE-2026-41285 | OpenBSD up to 7.8 ICMPv6 Neighbor Discovery Option nd_opt_len improper validation of specified quantity in input

VDB-358400 · CVE-2026-41285 · GCVE-0-2026-41285 OPENBSD UP TO 7.8 ICMPV6 NEIGHBOR DISCOVERY OPTION ND_OPT_LEN IMPROPER VALIDATION OF SPECIFIED QUANTITY IN INPUT HISTORYDIFFRELATEJSONXMLCTI CVSS Meta Temp Score Current Exploit Price (≈) CTI Interest Score 4.2 $0-$5k 1.29+ Summaryinfo A vulnerability classified as problematic was found in OpenBSD up to 7.8. This impacts an unknown function of the component ICMPv6 Neighbor Discovery Option Handler. Such manipulation of the argument nd_opt_len leads to improper validation of specified quantity in input. This vulnerability is referenced as CVE-2026-41285. The attack needs to be initiated within the local network. No exploit is available. Applying a patch is advised to resolve this issue. Detailsinfo A vulnerability, which was classified as problematic, has been found in OpenBSD up to 7.8. Affected by this issue is an unknown function of the component ICMPv6 Neighbor Discovery Option Handler. The manipulation of the argument nd_opt_len with an unknown input leads to a improper validation of specified quantity in input vulnerability. Using CWE to declare the problem leads to CWE-1284. The product receives input that is expected to specify a quantity (such as size or length), but it does not validate or incorrectly validates that the quantity has the required properties. Impacted is availability. CVE summarizes: In OpenBSD through 7.8, the slaacd and rad daemons have an infinite loop when they receive a crafted ICMPv6 Neighbor Discovery (ND) option (over a local network) with length zero, because of an "nd_opt_len * 8 - 2" expression with no preceding check for whether nd_opt_len is zero. The advisory is shared for download at rfc-editor.org. This vulnerability is handled as CVE-2026-41285 since 04/20/2026. The exploitation is known to be easy. The attack needs to approached within the local network. No form of authentication is required for exploitation. There are known technical details, but no exploit is available. Applying the patch 086c5738bcd3c203bcc08d024fcf983cb409115f is able to eliminate this problem. The bugfix is ready for download at github.com. Productinfo Type Operating System Name OpenBSD Version 7.0 7.1 7.2 7.3 7.4 7.5 7.6 7.7 7.8 License open-source CPE 2.3info 🔒 🔒 🔒 CPE 2.2info 🔒 🔒 🔒 CVSSv4info VulDB Vector: 🔒 VulDB Reliability: 🔍 CVSSv3info VulDB Meta Base Score: 4.3 VulDB Meta Temp Score: 4.2 VulDB Base Score: 4.3 VulDB Temp Score: 4.1 VulDB Vector: 🔒 VulDB Reliability: 🔍 CNA Base Score: 4.3 CNA Vector (MITRE): 🔒 CVSSv2info Vector Complexity Authentication Confidentiality Integrity Availability Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock VulDB Base Score: 🔒 VulDB Temp Score: 🔒 VulDB Reliability: 🔍 Exploitinginfo Class: Improper validation of specified quantity in input CWE: CWE-1284 / CWE-703 CAPEC: 🔒 ATT&CK: 🔒 Physical: No Local: No Remote: Partially Availability: 🔒 Status: Not defined Price Prediction: 🔍 Current Price Estimation: 🔒 0-Day Unlock Unlock Unlock Unlock Today Unlock Unlock Unlock Unlock Threat Intelligenceinfo Interest: 🔍 Active Actors: 🔍 Active APT Groups: 🔍 Countermeasuresinfo Recommended: Patch Status: 🔍 0-Day Time: 🔒 Patch: 086c5738bcd3c203bcc08d024fcf983cb409115f Timelineinfo 04/20/2026 CVE reserved 04/21/2026 +1 days Advisory disclosed 04/21/2026 +0 days VulDB entry created 04/21/2026 +0 days VulDB entry last update Sourcesinfo Advisory: rfc-editor.org Status: Confirmed CVE: CVE-2026-41285 (🔒) GCVE (CVE): GCVE-0-2026-41285 GCVE (VulDB): GCVE-100-358400 Entryinfo Created: 04/21/2026 07:16 Changes: 04/21/2026 07:16 (65) Complete: 🔍 Cache ID: 99:687:101 Discussion No comments yet. Languages: en. Please log in to comment. ◂ PreviousOverviewNext ▸