VDB
CVE-2026-31674
CVE-2026-31674
PUBLISHED
In the Linux kernel, the following vulnerability has been resolved: netfilter: ip6t_rt: reject oversized addrnr in rt_mt6_check() Reject rt match rules whose addrnr exceeds IP6T_RT_HOPS. rt_mt6() expects addrnr to stay within the bounds of rtinfo->addrs[]. Validate addrnr during rule installation so malformed rules are rejected before the match logic can use an out-of-range value.
EPSS 0.02% · 3.6th percentile
Risk Scores
EPSS Score
0.02%
3.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| linux | linux_kernel | 2.6.12, 2.6.12, 2.6.12 |
| Linux | Linux | 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2, 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2, 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 |
Timeline
- Apr 25, 2026 CVE Published
- Apr 25, 2026 PoC Published
- Apr 27, 2026 Security Advisory
- May 6, 2026 CVE Updated
- May 18, 2026 EPSS Score
- May 19, 2026 EPSS Score
- May 20, 2026 EPSS Score
- May 21, 2026 EPSS Score
- May 22, 2026 EPSS Score
- May 23, 2026 EPSS Score
- May 24, 2026 EPSS Score
- May 25, 2026 EPSS Score
References
- https://git.kernel.org/stable/c/13e3e30ed3b5b67cc1db2bd58a5d09b0f07debfa url
- https://git.kernel.org/stable/c/af9b7e2b765966457f4ec23be5bd34a141f89574 url
- https://git.kernel.org/stable/c/29ea965a1353bc8303877422f79c8211e9ba9c55 url
- https://git.kernel.org/stable/c/c6a503a9f4debc654e3a6a7ca1f7fce6a9953c59 url
- https://git.kernel.org/stable/c/ded71f5684df16fa645cca5bf4fe6b0cd8a46119 url
- https://git.kernel.org/stable/c/d8795fde1f78669a87c87ac29fceab2f104daa8c url
- https://git.kernel.org/stable/c/a28ebf6f99de270d6338ccdc3b49f3e818f99b7b url
- https://git.kernel.org/stable/c/9d3f027327c2fa265f7f85ead41294792c3296ed url
- https://lists.debian.org/debian-lts-announce/2026/05/msg00004.html advisory
- https://lists.debian.org/debian-lts-announce/2026/05/msg00005.html advisory
- https://lists.debian.org/debian-security-announce/2026/msg00154.html advisory
- https://lists.debian.org/debian-security-announce/2026/msg00148.html advisory
- https://lists.debian.org/debian-lts-announce/2026/05/msg00051.html advisory
- https://lists.debian.org/debian-lts-announce/2026/05/msg00052.html advisory