Netfilter Vulnerability in Linux Kernel Affecting Network Namespaces
CVE-2026-31496
What is CVE-2026-31496?
A vulnerability in the Linux kernel's netfilter subsystem has been addressed. It allowed for the potential bypassing of connection tracking expectations across different network namespaces. The issue concerns the skipping of expectations that do not belong to the current network namespace, and it leads to the possibility of unauthorized access to or manipulation of connection tracking data. The vulnerability has been mitigated through a series of updates ensuring that expectations in other namespaces are no longer processed via the proc filesystem, enhancing the overall security of the kernel's networking subsystem.
Affected Version(s)
Linux 9b03f38d0487f3908696242286d934c9b38f9d2a < 2028405ea6987b4448784e439413202cfe19f43f
Linux 9b03f38d0487f3908696242286d934c9b38f9d2a < 168145c87444619e3e649322bbe7719ecd00d411
Linux 9b03f38d0487f3908696242286d934c9b38f9d2a