SB20260425195 - Out-of-bounds read in Linux kernel ipv6 netfilter
Published: April 25, 2026
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 vulnerability.
1) Out-of-bounds read (CVE-ID: CVE-2026-31674)
CWE-ID: CWE-125 - Out-of-bounds read
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to an out-of-bounds read in rt_mt6() when processing a malformed rt match rule with an oversized addrnr value. A local user can install a specially crafted rule to cause a denial of service.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/13e3e30ed3b5b67cc1db2bd58a5d09b0f07debfa
- https://git.kernel.org/stable/c/29ea965a1353bc8303877422f79c8211e9ba9c55
- https://git.kernel.org/stable/c/9d3f027327c2fa265f7f85ead41294792c3296ed
- https://git.kernel.org/stable/c/a28ebf6f99de270d6338ccdc3b49f3e818f99b7b
- https://git.kernel.org/stable/c/af9b7e2b765966457f4ec23be5bd34a141f89574
- https://git.kernel.org/stable/c/c6a503a9f4debc654e3a6a7ca1f7fce6a9953c59
- https://git.kernel.org/stable/c/d8795fde1f78669a87c87ac29fceab2f104daa8c
- https://git.kernel.org/stable/c/ded71f5684df16fa645cca5bf4fe6b0cd8a46119