Netfilter Vulnerability in Linux Kernel Affects Network Traffic Management
CVE-2026-31414

Currently unrated

Key Information:

Vendor: Linux

Status
Vendor
CVE Published: 13 April 2026

What is CVE-2026-31414?

A vulnerability in the Linux kernel's netfilter component involves improper reference count management within nf_conntrack_expect. Specifically, the issue arises when nfct_help() is used without holding a reference to the master conntrack, potentially compromising the helper name in user space. The updated implementation now requires that an explicit helper be provided when creating network expectations, which retains safer behavior while maintaining the integrity of the connection tracking mechanisms. This change safeguards applications that rely on the Linux kernel for reliable network traffic management.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 847cb7fe26c5ce5dce0d1a41fac1ea488b7f1781

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 4bd1b3d839172724b33d8d02c5a4ff6a1c775417

Timeline

  • Vulnerability published

  • Vulnerability Reserved
