SB2026041414 - Integer overflow in Linux kernel x25
Published: April 14, 2026
Security Bulletin ID
SB2026041414
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Integer overflow (CVE-ID: CVE-2026-31417)
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to an integer overflow in the x25 packet reassembly logic when accumulating fragmented packets. A local user can send specially crafted packets to cause a denial of service.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/1734bd85c5e0a7a801295b729efb56b009cb8fc3
- https://git.kernel.org/stable/c/4e2d1bcef78d21247fe8fef13bc7ed95885df2b5
- https://git.kernel.org/stable/c/6e568835ea54a3e1d08e310e34f95d434e739477
- https://git.kernel.org/stable/c/8c92969c197b91c134be27dc3afb64ab468853a9
- https://git.kernel.org/stable/c/a1822cb524e89b4cd2cf0b82e484a2335496a6d9
- https://git.kernel.org/stable/c/f953f11ccf4afe6feb635c08145f4240d9a6b544