Heap-based buffer overflow in Linux kernel - CVE-2026-31515
Published: April 24, 2026
Vulnerability identifier: #VU127637
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2026-31515
CWE-ID: CWE-122
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Linux Foundation
Affected software:
Linux kernel
Linux kernel
Detailed vulnerability description
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to a buffer overflow in pfkey_send_migrate() when processing migration requests with invalid old or new address families. A local user can trigger the vulnerable code path to cause a denial of service.
How to mitigate CVE-2026-31515
Install security update from vendor's repository.
Sources
- https://git.kernel.org/stable/c/7b18692c59afb8e5c364c8e3ac01e51dd6b52028
- https://git.kernel.org/stable/c/83f644ea92987c100b82d8481ae2230faeed3d34
- https://git.kernel.org/stable/c/8ddf8de7e758f6888988467af9ffc8adf589fb16
- https://git.kernel.org/stable/c/d0c5aa8dd38887714f1aad04236a3620b56a5e4e
- https://git.kernel.org/stable/c/d3225e6b9bd51ec177970a628fe4b11237ce87d5
- https://git.kernel.org/stable/c/e06b596fc4eb01936a2e5dccad17c946d660bab8
- https://git.kernel.org/stable/c/eb2d16a7d599dc9d4df391b5e660df9949963786
- https://git.kernel.org/stable/c/ee836e820a40e2ca4da8af7310bff92d586772d4