CVE-2026-31674
HIGH EPSS 2.0%
Published Apr 25, 20262mo ago · Modified Jun 17, 20261w ago
7.1 CVSS 3.1
Published Apr 25, 2026 2mo ago
Last Modified Jun 17, 2026 1w ago
Description
In the Linux kernel, the following vulnerability has been resolved: netfilter: ip6t_rt: reject oversized addrnr in rt_mt6_check() Reject rt match rules whose addrnr exceeds IP6T_RT_HOPS. rt_mt6() expects addrnr to stay within the bounds of rtinfo->addrs[]. Validate addrnr during rule installation so malformed rules are rejected before the match logic can use an out-of-range value.
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity None
Availability High
Threat Intelligence
EPSS Exploit Probability
2.0% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Affected Products 17
| Vendor | Product | Version | Range |
|---|---|---|---|
| linux | linux_kernel | * | ≥2.6.12.1 – <5.10.253 |
| linux | linux_kernel | * | ≥5.11 – <5.15.203 |
| linux | linux_kernel | * | ≥5.16 – <6.1.168 |
| linux | linux_kernel | * | ≥6.2 – <6.6.131 |
| linux | linux_kernel | * | ≥6.7 – <6.12.80 |
| linux | linux_kernel | * | ≥6.13 – <6.18.21 |
| linux | linux_kernel | * | ≥6.19 – <6.19.11 |
| linux | linux_kernel | 2.6.12 | any |
| linux | linux_kernel | 2.6.12 | any |
| linux | linux_kernel | 2.6.12 | any |
| linux | linux_kernel | 2.6.12 | any |
| linux | linux_kernel | 2.6.12 | any |
| linux | linux_kernel | 7.0 | any |
| linux | linux_kernel | 7.0 | any |
| linux | linux_kernel | 7.0 | any |
| linux | linux_kernel | 7.0 | any |
| linux | linux_kernel | 7.0 | any |
References 8
- git.kernel.org https://git.kernel.org/stable/c/13e3e30ed3b5b67cc1db2bd58a5d09b0f07debfa
- git.kernel.org https://git.kernel.org/stable/c/29ea965a1353bc8303877422f79c8211e9ba9c55
- git.kernel.org https://git.kernel.org/stable/c/9d3f027327c2fa265f7f85ead41294792c3296ed
- git.kernel.org https://git.kernel.org/stable/c/a28ebf6f99de270d6338ccdc3b49f3e818f99b7b
- git.kernel.org https://git.kernel.org/stable/c/af9b7e2b765966457f4ec23be5bd34a141f89574
- git.kernel.org https://git.kernel.org/stable/c/c6a503a9f4debc654e3a6a7ca1f7fce6a9953c59
- git.kernel.org https://git.kernel.org/stable/c/d8795fde1f78669a87c87ac29fceab2f104daa8c
- git.kernel.org https://git.kernel.org/stable/c/ded71f5684df16fa645cca5bf4fe6b0cd8a46119
Remediation
- git.kernel.org https://git.kernel.org/stable/c/13e3e30ed3b5b67cc1db2bd58a5d09b0f07debfa
- git.kernel.org https://git.kernel.org/stable/c/29ea965a1353bc8303877422f79c8211e9ba9c55
- git.kernel.org https://git.kernel.org/stable/c/9d3f027327c2fa265f7f85ead41294792c3296ed
- git.kernel.org https://git.kernel.org/stable/c/a28ebf6f99de270d6338ccdc3b49f3e818f99b7b
- git.kernel.org https://git.kernel.org/stable/c/af9b7e2b765966457f4ec23be5bd34a141f89574
- git.kernel.org https://git.kernel.org/stable/c/c6a503a9f4debc654e3a6a7ca1f7fce6a9953c59
- git.kernel.org https://git.kernel.org/stable/c/d8795fde1f78669a87c87ac29fceab2f104daa8c
- git.kernel.org https://git.kernel.org/stable/c/ded71f5684df16fa645cca5bf4fe6b0cd8a46119