Linux Kernel Vulnerability in Networking Bonding Functionality
CVE-2026-31419
What is CVE-2026-31419?
In the Linux kernel, a use-after-free vulnerability has been identified in the bonding functionality associated with network devices. The issue arises in the 'bond_xmit_broadcast()' function, where an existing socket buffer (skb) is mistakenly reused without proper synchronization during concurrent slave operations. This oversight allows the original skb to be consumed twice, leading to instability and unexpected crashes. The vulnerability results from an improper check for the last slave in the bond; that check can be invalidated by enslave or release operations that run concurrently with the RCU-protected iteration. A fix has been implemented to restore the stability and integrity of the operation by replacing the racy check with a reliable index comparison, which safeguards against concurrent list mutations while preserving the existing optimizations for data handling.
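The following is an added, user-space model of the bug class described above; it is not the kernel's code, and every identifier in it (model_skb, model_bond, model_xmit_racy, model_xmit_fixed, and so on) is invented for this illustration. It models a broadcast walk that hands each slave a clone of the buffer except the one it believes is last, which receives the original. The racy variant decides "last" from the live list on every step, so a slave appended during the walk causes the original to be handed off twice. The fixed variant reads the slave count once before the walk and compares a running index against it, which is one way to read the "index comparison" the description mentions; it also drops the original instead of leaking it when the list shrinks under the walk. The concurrent writer is simulated deterministically between two steps of the loop rather than with a real thread, so the outcome is reproducible; the real fix commit (2884bf72fb8f03409e423397319205de48adca16) is the authority on the kernel's actual logic.

```c
#include <stdio.h>
#include <stdlib.h>

/* Constructed model; none of these names are kernel identifiers. */
struct model_skb {
    int orig_consumed;  /* times the ORIGINAL buffer was handed to a device */
    int clones_made;    /* times a clone was handed to a device */
    int orig_dropped;   /* original freed without transmit (list shrank) */
};

struct model_slave { int id; struct model_slave *next; };

struct model_bond {
    struct model_slave *head;
    int slave_cnt;      /* kept in step with the list by enslave/release */
};

enum model_inject { MODEL_NONE, MODEL_ENSLAVE, MODEL_RELEASE_TAIL };

/* Append a slave at the tail (models an enslave operation). */
static void model_enslave(struct model_bond *b, int id)
{
    struct model_slave *s = calloc(1, sizeof *s), **pp = &b->head;
    s->id = id;
    while (*pp) pp = &(*pp)->next;
    *pp = s;
    b->slave_cnt++;
}

/* Remove the tail slave (models a release operation). */
static void model_release_tail(struct model_bond *b)
{
    struct model_slave **pp = &b->head;
    if (!*pp) return;
    while ((*pp)->next) pp = &(*pp)->next;
    free(*pp);
    *pp = NULL;
    b->slave_cnt--;
}

static void model_teardown(struct model_bond *b)
{
    while (b->head) model_release_tail(b);
}

/* Simulated concurrent writer, run after the walk has handled `cur`. */
static void model_mutate(struct model_bond *b, struct model_slave *cur,
                         enum model_inject what)
{
    if (what == MODEL_ENSLAVE)
        model_enslave(b, 100 + cur->id);
    else if (what == MODEL_RELEASE_TAIL && cur->next)  /* never free the node we hold */
        model_release_tail(b);
}

/* Buggy pattern: "is this the last slave?" is read from the live list each step. */
static void model_xmit_racy(struct model_bond *b, struct model_skb *skb,
                            enum model_inject what, int after_id)
{
    struct model_slave *s;
    for (s = b->head; s; s = s->next) {
        if (s->next == NULL) skb->orig_consumed++;   /* believed last: hand off original */
        else                 skb->clones_made++;
        if (s->id == after_id) model_mutate(b, s, what);
    }
}

/* Fixed pattern: snapshot the count once, compare the running index against it. */
static void model_xmit_fixed(struct model_bond *b, struct model_skb *skb,
                             enum model_inject what, int after_id)
{
    struct model_slave *s;
    int i = 0, cnt = b->slave_cnt;                /* read once, before the walk */
    for (s = b->head; s && i < cnt; s = s->next, i++) {
        if (i == cnt - 1) skb->orig_consumed++;   /* exactly one hand-off, then stop */
        else              skb->clones_made++;
        if (s->id == after_id) model_mutate(b, s, what);
    }
    if (!skb->orig_consumed) skb->orig_dropped = 1; /* list shrank: free, do not leak */
}

/* Build a bond of n slaves (ids 0..n-1), run one variant, return the skb stats. */
static struct model_skb model_run(int fixed, int n, enum model_inject what, int after_id)
{
    struct model_bond b = { NULL, 0 };
    struct model_skb skb = { 0, 0, 0 };
    for (int i = 0; i < n; i++) model_enslave(&b, i);
    if (fixed) model_xmit_fixed(&b, &skb, what, after_id);
    else       model_xmit_racy(&b, &skb, what, after_id);
    model_teardown(&b);
    return skb;
}

int main(void)
{
    struct model_skb r = model_run(0, 3, MODEL_ENSLAVE, 2);
    printf("racy : original handed off %d time(s)\n", r.orig_consumed);  /* 2 */
    r = model_run(1, 3, MODEL_ENSLAVE, 2);
    printf("fixed: original handed off %d time(s)\n", r.orig_consumed);  /* 1 */
    return 0;
}
```

The enslave scenario appends a slave right after the believed-last one has been handed the original: the racy walk continues to the new node, finds it is now last, and hands the original over a second time, which is the double consumption the description refers to. The fixed walk stops after index cnt-1 regardless of what the list looks like afterwards.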
Affected Version(s)
Linux 4e5bd03ae34652cd932ab4c91c71c511793df75c
Linux 4e5bd03ae34652cd932ab4c91c71c511793df75c < 2884bf72fb8f03409e423397319205de48adca16