CVE-2026-31623
Published: Apr 24, 2026
Modified: Jun 1, 2026
Description
In the Linux kernel, the following vulnerability has been resolved:

net: usb: cdc-phonet: fix skb frags[] overflow in rx_complete()

A malicious USB device claiming to be a CDC Phonet modem can overflow the skb_shared_info->frags[] array by sending an unbounded sequence of full-page bulk transfers. Drop the skb and increment the length error when the frag limit is reached. This matches the same fix that commit f0813bcd2d9d ("net: wwan: t7xx: fix potential skb->frags overflow in RX path") did for the t7xx driver.

| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux | affected 87cf65601e1709e57f7e28f0f7b3eb0a992c1782 - < 6807ff49bf796b3823b1e29f97b69316a40a9a94; affected 87cf65601e1709e57f7e28f0f7b3eb0a992c1782 - < 0c5c65a17db729fc63ab656bdaaf0e675a9dbeac; affected 87cf65601e1709e57f7e28f0f7b3eb0a992c1782 - < 6053620fdbcd89fa7e755644efdaab78e0daaae7; affected 87cf65601e1709e57f7e28f0f7b3eb0a992c1782 - < d4e1946bea8d6441835eb3fd09b19237ba366a6f; affected 87cf65601e1709e57f7e28f0f7b3eb0a992c1782 - < a23b1b1aaf41e174181d5853a70e65d4d01e648c; +4 more versions |
| Linux | Linux | affected 2.6.31; unaffected 0 - < 2.6.31; unaffected 5.10.258 - <= 5.10.*; unaffected 5.15.209 - <= 5.15.*; unaffected 6.1.175 - <= 6.1.*; +6 more versions |