BPF_OR Vulnerability in Linux Kernel Affecting Multiple Versions
CVE-2026-31413

Currently unrated

Key Information:

Vendor: Linux

Status
Vendor
CVE Published: 12 April 2026

What is CVE-2026-31413?

In the Linux kernel, a flaw in how the BPF verifier handles scalar values for the BPF_OR operation can produce an exploitable divergence between verification and runtime behavior. Specifically, the maybe_fork_scalars() function incorrectly processes the destination operand, which can allow out-of-bounds map access. The issue arises when the verifier state forks incorrectly, so that the result of the operation with the constant source operand does not match the expected outcome, particularly when signed integer ranges are involved. The fix re-executes the appropriate instructions, ensuring accurate computation and preventing the unauthorized access that the divergence allowed.

Affected Version(s)

Linux dea9989a3f3961faede93752cd81eb5a9514d911 < 342aa1ee995ef5bbf876096dc3a5e51218d76fa4

Linux 4c122e8ae14950cf6b59d208fc5160f7c601e746 < 58bd87d0e69204dbd739e4387a1edb0c4b1644e7

Linux e52567173ba86dbffb990595fbe60e2e83899372

Timeline

  • Vulnerability published

  • Vulnerability Reserved