Netfilter Vulnerability in Linux Kernel Affects Data Handling
CVE-2026-31495

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 22 April 2026

What is CVE-2026-31495?

A data handling vulnerability exists within the netfilter component of the Linux kernel, specifically related to the ctnetlink code paths. This flaw arises from the failure to implement adequate policy range checks for netlink commands, resulting in the acceptance of invalid values that could lead to undefined behavior. The vulnerability impacts important TCP options such as connection tracking states and window scaling factors, which have been rectified through policy annotations that ensure early rejection of invalid values, promoting better data integrity and system security.

Affected Version(s)

Linux c8e2078cfe414a99cf6f2f2f1d78c7e75392e9d4 < 435b576cd2faa75154777868f8cbb73bf71644d3

Linux c8e2078cfe414a99cf6f2f2f1d78c7e75392e9d4 < 2ef71307c86a9f866d6e28f1a0c06e2e9d794474

Linux c8e2078cfe414a99cf6f2f2f1d78c7e75392e9d4 < 4f7d25f3f0786402ba48ff7d13b6241d77d975f5

References

https://git.kernel.org/stable/c/435b576cd2faa75154777868f...

https://git.kernel.org/stable/c/2ef71307c86a9f866d6e28f1a...

https://git.kernel.org/stable/c/4f7d25f3f0786402ba48ff7d1...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 22, 2026
Vulnerability Reserved
Mar 9, 2026

CVE-2026-31495 Data

JSON