CVE-2026-31674
Published: Apr 25, 2026
Modified: May 11, 2026
CVSS v3.1
7.1
Description
In the Linux kernel, the following vulnerability has been resolved: netfilter: ip6t_rt: reject oversized addrnr in rt_mt6_check() Reject rt match rules whose addrnr exceeds IP6T_RT_HOPS. rt_mt6() expects addrnr to stay within the bounds of rtinfo->addrs[]. Validate addrnr during rule installation so malformed rules are rejected before the match logic can use an out-of-range value.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < 13e3e30ed3b5b67cc1db2bd58a5d09b0f07debfaaffected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < af9b7e2b765966457f4ec23be5bd34a141f89574affected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < 29ea965a1353bc8303877422f79c8211e9ba9c55affected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < c6a503a9f4debc654e3a6a7ca1f7fce6a9953c59affected 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 - < ded71f5684df16fa645cca5bf4fe6b0cd8a46119+3 more versions |
Linux | Linux | affected 2.6.12unaffected 0 - < 2.6.12unaffected 5.10.253 - <= 5.10.*unaffected 5.15.203 - <= 5.15.*unaffected 6.1.168 - <= 6.1.*+5 more versions |
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now