Integer underflow in Linux kernel - CVE-2026-31662
Published: April 25, 2026
Vulnerability identifier: #VU127740
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2026-31662
CWE-ID: CWE-191
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Linux Foundation
Affected software:
Linux kernel
Linux kernel
Detailed vulnerability description
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to an integer underflow in tipc_group_proto_rcv() when handling duplicate or stale GRP_ACK_MSG messages. A remote attacker can send duplicate group acknowledgment messages to cause a denial of service.
After the counter wraps, group broadcasts on the affected socket remain blocked until the group is recreated.
How to mitigate CVE-2026-31662
Install security update from vendor's repository.
Sources
- https://git.kernel.org/stable/c/1b6f13f626665cac67ba5a012765427680518711
- https://git.kernel.org/stable/c/36ec4fdd6250dcd5e73eb09ea92ed92e9cc28412
- https://git.kernel.org/stable/c/3bcf7aca63f0bcd679ae28e9b99823c608e59ce3
- https://git.kernel.org/stable/c/48a5fe38772b6f039522469ee6131a67838221a8
- https://git.kernel.org/stable/c/575faea557f1a184a5f09661bd47ebd3ef3769f8
- https://git.kernel.org/stable/c/a2ea1ef0167d7a84730638d05c20ccdc421b14b6
- https://git.kernel.org/stable/c/a7db57ccca21f5801609065473c89a38229ecb92
- https://git.kernel.org/stable/c/e0bb732eaf77f9ac2f2638bdac9e39b81e0a9682