Linux Kernel Vulnerability in PFKey Migration Functions
CVE-2026-31515

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 22 April 2026

What is CVE-2026-31515?

A vulnerability exists within the Linux kernel's PFKey migration functions where the handling of family validation in 'pfkey_send_migrate()' is inadequate. This flaw may result in the truncation of the 'family' argument in 'set_ipsecrequest()', potentially causing a buffer overflow during packet processing. Early validation of family parameters is required to mitigate the risk of overflow and possible crashes within the kernel.

Affected Version(s)

Linux 08de61beab8a21c8e0b3906a97defda5f1f66ece

Linux 08de61beab8a21c8e0b3906a97defda5f1f66ece < 8ddf8de7e758f6888988467af9ffc8adf589fb16

References

https://git.kernel.org/stable/c/d0c5aa8dd38887714f1aad042...

https://git.kernel.org/stable/c/e06b596fc4eb01936a2e5dcca...

https://git.kernel.org/stable/c/8ddf8de7e758f6888988467af...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 22, 2026
Vulnerability Reserved
Mar 9, 2026

CVE-2026-31515 Data

JSON