VDB
CVE-2026-31692
CVE-2026-31692
PUBLISHED
Reported by Linux · Published April 30, 2026
In the Linux kernel, the following vulnerability has been resolved: rtnetlink: add missing netlink_ns_capable() check for peer netns rtnl_newlink() lacks a CAP_NET_ADMIN capability check on the peer network namespace when creating paired devices (veth, vxcan, netkit). This allows an unprivileged user with a user namespace to create interfaces in arbitrary network namespaces, including init_net. Add a netlink_ns_capable() check for CAP_NET_ADMIN in the peer namespace before allowing device creation to proceed.
EPSS 0.02% · 3.3th percentile
Risk Scores
EPSS Score
0.02%
3.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux | 81adee47dfb608df3ad0b91d230fb3cef75f0060, 81adee47dfb608df3ad0b91d230fb3cef75f0060, 81adee47dfb608df3ad0b91d230fb3cef75f0060 |
| Linux | Linux | 2.6.33, 0, 6.18.24 |
| linux | linux_kernel | 2.6.33, 2.6.33, 2.6.33 |
| Linux | Linux | 81adee47dfb608df3ad0b91d230fb3cef75f0060, 81adee47dfb608df3ad0b91d230fb3cef75f0060, 81adee47dfb608df3ad0b91d230fb3cef75f0060 |
Timeline
- Apr 30, 2026 CVE Published
- May 1, 2026 Security Advisory
- May 11, 2026 CVE Updated
- May 18, 2026 EPSS Score
- May 19, 2026 EPSS Score
- May 20, 2026 EPSS Score
- May 21, 2026 EPSS Score
- May 22, 2026 EPSS Score
- May 23, 2026 EPSS Score
- May 24, 2026 EPSS Score
- May 25, 2026 EPSS Score
- May 26, 2026 EPSS Score