🟠 High  |  Source: Microsoft Security Response Center


CVE-2026-52909 is a Linux kernel vulnerability affecting the IPv6 VTI (Virtual Tunnel Interface) subsystem, where the fallback device does not have the netns_immutable flag set. This can allow incorrect namespace handling, potentially leading to privilege escalation or unauthorised access across network namespaces in containerised or virtualised environments. Azure workloads running Linux-based virtual machines or container hosts may be exposed if unpatched kernel versions are in use.

Security Architect’s Take: Review Linux kernel versions across Azure VMs, AKS node pools, and container hosts to confirm patched kernels are deployed; prioritise environments using IPv6 VTI tunnels or multi-tenant network namespace configurations, and apply Microsoft’s recommended updates promptly.
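The following shell script is an added example, not part of the advisory: it classifies a host by whether the ip6_vti module is loaded and whether vti6 tunnels exist beyond the fallback device, to help order the patching queue described above. The function names and sample inputs are constructed for illustration, and it assumes the fallback device carries the kernel's usual name `ip6_vti0`.

```shell
#!/bin/sh
# Added triage example (not from the advisory). It does not decide whether a
# kernel is patched: compare `uname -r` with your distribution's fixed release.

# Succeeds if ip6_vti is listed in /proc/modules-format text ($1).
vti6_module_loaded() {
    printf '%s\n' "$1" | awk '$1 == "ip6_vti" { f = 1 } END { exit !f }'
}

# Prints the names of vti6 devices found in `ip -o -d link show` text ($1).
vti6_devices() {
    printf '%s\n' "$1" |
        awk '/ vti6 / { n = $2; sub(/:$/, "", n); sub(/@.*/, "", n); print n }'
}

# Classifies a host for patch prioritisation: $1 = modules text, $2 = link text.
# Assumption: ip6_vti0 is the fallback device; any other vti6 device is a tunnel.
vti6_triage() {
    devs=$(vti6_devices "$2")
    if printf '%s\n' "$devs" | awk 'NF && $1 != "ip6_vti0" { f = 1 } END { exit !f }'; then
        echo "tunnels-configured"   # vti6 tunnels exist beyond the fallback device
    elif [ -n "$devs" ] || vti6_module_loaded "$1"; then
        echo "fallback-only"        # module present, no configured tunnels seen
    else
        echo "not-loaded"
    fi
}

# Constructed sample inputs (not captured from a real host).
SAMPLE_MODULES='ip6_vti 28672 0 - Live 0x0000000000000000
tunnel6 16384 1 ip6_vti, Live 0x0000000000000000'
SAMPLE_LINKS='1: lo: <LOOPBACK,UP> mtu 65536 state UNKNOWN \    link/loopback 00:00:00:00:00:00
4: ip6_vti0@NONE: <NOARP> mtu 1332 state DOWN \    link/tunnel6 :: brd :: \    vti6 remote any local any
7: vti-site1@NONE: <POINTOPOINT,UP> mtu 1332 state UNKNOWN \    vti6 remote 2001:db8::2 local 2001:db8::1'

if [ "${1:-}" = "--host" ]; then    # inspect the machine the script runs on
    echo "kernel: $(uname -r)"
    vti6_triage "$(cat /proc/modules)" "$(ip -o -d link show)"
else
    vti6_triage "$SAMPLE_MODULES" "$SAMPLE_LINKS"
fi
```

With `--host` the script sees only the network namespace it runs in, so on container hosts run it inside each namespace of interest as well. A kernel with ip6_vti built in will not list the module in `/proc/modules`, so treat `not-loaded` there as inconclusive.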

Original advisory: CVE-2026-52909 ip6_vti: set netns_immutable on the fallback device.