Concurrent Acknowledgment Issue in Linux Kernel Affecting Group Broadcast Functionality
CVE-2026-31662

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 24 April 2026

What is CVE-2026-31662?

A notable vulnerability in the Linux kernel pertains to the handling of group acknowledgment messages (GRP_ACK_MSG) within the TIPC (Transparent Inter-Process Communication) framework. When duplicate acknowledgments are received, the handler erroneously decrements the bc_ackers value, which can lead to an underflow condition. This underflow occurs due to the limited range of a u16 data type, resulting in erroneous congestion reporting and blocking of subsequent group broadcasts until the affected group is recreated. The issue has been rectified by ensuring that duplicate or stale acknowledgments are ignored, thus maintaining the integrity of the acknowledgment process and preventing underflow issues.

Affected Version(s)

Linux 2f487712b89376fce267223bbb0db93d393d4b09

Linux 2f487712b89376fce267223bbb0db93d393d4b09 < 36ec4fdd6250dcd5e73eb09ea92ed92e9cc28412

Linux 2f487712b89376fce267223bbb0db93d393d4b09 < 575faea557f1a184a5f09661bd47ebd3ef3769f8

References

https://git.kernel.org/stable/c/a7db57ccca21f580160906547...

https://git.kernel.org/stable/c/36ec4fdd6250dcd5e73eb09ea...

https://git.kernel.org/stable/c/575faea557f1a184a5f09661b...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 24, 2026
Vulnerability Reserved
Mar 9, 2026

CVE-2026-31662 Data

JSON