A buffer overflow vulnerability in the icmp6_send_response_with_addrs_and_netif() function of Free Software Foundation lwIP version git head allows attackers to access sensitive information via a crafted ICMPv6 packet.
https://savannah.nongnu.org/bugs/index.php?58553
https://lists.debian.org/debian-lts-announce/2023/11/msg00011.html