SB2026041424 - Integer overflow in Linux kernel ipv6
Published: April 14, 2026
Description
This security bulletin contains information about 1 security vulnerability.
1) Integer overflow (CVE-ID: CVE-2026-31415)
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to an integer overflow in ip6_datagram_send_ctl() when processing repeated IPV6_DSTOPTS control messages. A local user can send specially crafted ancillary data to cause a denial of service.
Exploitation can trigger a kernel panic through skb_under_panic(), and unprivileged exploitation is possible in environments where unprivileged user namespaces are enabled and the attacker can obtain namespaced CAP_NET_RAW.
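To check whether a host meets the unprivileged user namespace condition described above, the following added example (not part of the original bulletin or the kernel fix) classifies the relevant sysctls. It assumes the sysctl names `user.max_user_namespaces` (upstream), `kernel.unprivileged_userns_clone` (Debian/Ubuntu kernels) and `kernel.apparmor_restrict_unprivileged_userns` (Ubuntu), none of which appear in the bulletin; the function name and its output labels are made up for this example.

```shell
#!/bin/sh
# Added example: classify unprivileged user-namespace exposure from sysctl files.
# Usage: userns_exposure [SYSCTL_ROOT]   (SYSCTL_ROOT defaults to /proc/sys)
# Prints one of: disabled | restricted | enabled | unknown
# The result describes exposure of the unprivileged path only; whether the
# kernel is vulnerable depends on the vendor update being installed.

read_sysctl() {
    # Print the value stored in a sysctl file, or nothing if it is absent.
    if [ -r "$1" ]; then tr -d ' \t\n' < "$1"; fi
}

userns_exposure() {
    root="${1:-/proc/sys}"
    max=$(read_sysctl "$root/user/max_user_namespaces")
    clone=$(read_sysctl "$root/kernel/unprivileged_userns_clone")
    aa=$(read_sysctl "$root/kernel/apparmor_restrict_unprivileged_userns")

    # None of the knobs is readable: cannot decide from sysctls alone.
    if [ -z "$max$clone$aa" ]; then echo unknown; return 0; fi
    # Upstream limit: 0 means no user namespaces can be created at all.
    if [ "$max" = "0" ]; then echo disabled; return 0; fi
    # Debian/Ubuntu knob: 0 blocks creation by unprivileged users.
    if [ "$clone" = "0" ]; then echo disabled; return 0; fi
    # Ubuntu AppArmor knob: 1 limits unprivileged creation to allowed profiles.
    if [ "$aa" = "1" ]; then echo restricted; return 0; fi
    echo enabled
}

# Report the status of the running host (or of the root given as $1).
userns_exposure "$@"
```

A result of `enabled` means local unprivileged users are in scope for this bulletin until the patched kernel is running; `disabled` or `restricted` narrows exposure to users who already hold CAP_NET_RAW.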
Remediation
Install the update from the vendor's website.
References
- https://git.kernel.org/stable/c/0bdaf54d3aaddfe8df29371260fa8d4939b4fd6f
- https://git.kernel.org/stable/c/4e453375561fc60820e6b9d8ebeb6b3ee177d42e
- https://git.kernel.org/stable/c/5e4ee5dbea134e9257f205e31a96040bed71e83f
- https://git.kernel.org/stable/c/63fda74885555e6bd1623b5d811feec998740ba4
- https://git.kernel.org/stable/c/872b74900d5daa37067ac676d9001bb929fc6a2a
- https://git.kernel.org/stable/c/9ed81d692758dfb9471d7799b24bfa7a08224c31