Integer overflow in Linux kernel - CVE-2026-31525
Published: April 24, 2026
Vulnerability identifier: #VU127623
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2026-31525
CWE-ID: CWE-190
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Linux Foundation
Affected software:
Linux kernel
Linux kernel
Detailed vulnerability description
The vulnerability allows a local user to access out-of-bounds map values.
The vulnerability exists due to improper handling of signed integer minimum values in the BPF interpreter's signed 32-bit division and modulo handlers when processing crafted BPF operations that use INT_MIN. A local user can load a crafted BPF program to access out-of-bounds map values.
The issue is caused by a verifier and interpreter mismatch in range tracking for signed 32-bit division and modulo operations.
How to mitigate CVE-2026-31525
Install security update from vendor's repository.
Sources
- https://git.kernel.org/stable/c/0d5d8c3ce45c734aaf3c51cbef59155a6746157d
- https://git.kernel.org/stable/c/694ea55f1b1c74f9942d91ec366ae9e822422e42
- https://git.kernel.org/stable/c/9ab1227765c446942f290c83382f0b19887c55cf
- https://git.kernel.org/stable/c/c77b30bd1dcb61f66c640ff7d2757816210c7cb0
- https://git.kernel.org/stable/c/f14ca604c0ff274fba19f73f1f0485c0047c1396