Linux Kernel Vulnerability in Netfilter's x_tables Impacting ARP Protocol
CVE-2026-31424
What is CVE-2026-31424?
A vulnerability exists in the Linux kernel's netfilter component, specifically in the x_tables subsystem when it handles the ARP protocol. The flaw stems from insufficient restrictions on xt_match and xt_target structs registered with NFPROTO_UNSPEC: such extensions can be loaded by any protocol family, including arptables, even though they were not written for ARP hooks. This can result in incorrect hook validation for ARP chains, leading to possible NULL pointer dereferences and kernel panics during operation. To mitigate this risk, arptables must be confined strictly to extensions registered under NFPROTO_ARP, ensuring that only match and target declarations valid for ARP are used.
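The lookup behaviour behind the flaw, as an added, simplified model that is not kernel code: the kernel's xt_find_match() and xt_find_target() fall back to the NFPROTO_UNSPEC table for any family, and the strict variant below expresses the restriction the advisory describes. The registry entries and the two find_ext_* functions are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Protocol family numbers as defined in the kernel's uapi netfilter.h. */
enum { NFPROTO_UNSPEC = 0, NFPROTO_IPV4 = 2, NFPROTO_ARP = 3 };

/* Simplified model of an x_tables extension registration: its name and
 * the family it registered under. The entries are constructed examples. */
struct ext {
    const char *name;
    uint8_t family;
};

static const struct ext registry[] = {
    { "arp_only_match",  NFPROTO_ARP },
    { "ipv4_only_match", NFPROTO_IPV4 },
    { "family_agnostic", NFPROTO_UNSPEC },  /* registered for "any" family */
};

static const struct ext *lookup(uint8_t family, const char *name)
{
    for (size_t i = 0; i < sizeof registry / sizeof registry[0]; i++)
        if (registry[i].family == family && strcmp(registry[i].name, name) == 0)
            return &registry[i];
    return NULL;
}

/* Vulnerable behaviour: like xt_find_match(), search the caller's family
 * table, then fall back to NFPROTO_UNSPEC. An arptables chain can therefore
 * load extensions whose hook expectations were written for IP-family hooks. */
const struct ext *find_ext_permissive(uint8_t family, const char *name)
{
    const struct ext *e = lookup(family, name);
    return e ? e : lookup(NFPROTO_UNSPEC, name);
}

/* Hardened behaviour as the advisory describes: arptables is confined to
 * extensions registered explicitly under NFPROTO_ARP; other families keep
 * the NFPROTO_UNSPEC fallback. */
const struct ext *find_ext_strict(uint8_t family, const char *name)
{
    if (family == NFPROTO_ARP)
        return lookup(NFPROTO_ARP, name);
    return find_ext_permissive(family, name);
}
```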
Affected Version(s)
Linux 9291747f118d6404e509747b85ff5f6dfec368d2 < 1cd6313c8644bfebbd813a05da9daa21b09dd68c
Linux 9291747f118d6404e509747b85ff5f6dfec368d2