Linux Kernel Vulnerability Affecting Segmentation Routing Paths
CVE-2026-31668
What is CVE-2026-31668?
A vulnerability in the Linux kernel's segmentation lightweight tunnel (seg6 lwtunnel) causes routing inconsistencies because the input and output paths use a single, unified destination cache. Different routing contexts end up sharing that one cache, which leads to context mismatches and potential security exposures. The proposed fix creates separate caches for the input and output paths so that each is managed independently, preventing unintended data exposure during segmentation routing. This correction makes the kernel more robust against manipulation and maintains the integrity of network operations.
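The caching pattern described above, as an added user-space model that is not kernel code and not taken from the fix: it shows how one cache shared by two lookup contexts hands the second path a route resolved for the first, and how one cache per path avoids that. All type, function and device names are hypothetical, and the per-path routing policy is constructed for the example.

```c
/* Simplified user-space model of the caching pattern; not kernel code.
 * Every name here is hypothetical. */
#include <stdio.h>
#include <stddef.h>

enum path { PATH_INPUT, PATH_OUTPUT };
struct route { const char *dev; };           /* stand-in for a route entry */
struct cache { const struct route *dst; };   /* stand-in for a destination cache */

/* Constructed policy: the same destination resolves differently per path. */
static const struct route via_input  = { "dev-in" };
static const struct route via_output = { "dev-out" };

static const struct route *full_lookup(enum path p)
{
    return p == PATH_INPUT ? &via_input : &via_output;
}

/* Reuse the cached route if present, otherwise resolve and store it. */
static const struct route *cached_lookup(struct cache *c, enum path p)
{
    if (!c->dst)
        c->dst = full_lookup(p);
    return c->dst;
}

/* Before: one cache serves both paths. Returns 1 when the path that runs
 * second is handed a route resolved in the first path's context. */
int unified_mismatch(enum path first)
{
    enum path second = first == PATH_INPUT ? PATH_OUTPUT : PATH_INPUT;
    struct cache shared = { NULL };
    cached_lookup(&shared, first);           /* first path populates the cache */
    return cached_lookup(&shared, second) != full_lookup(second);
}

/* After: each path owns its cache, so neither sees the other's entry. */
int split_mismatch(enum path first)
{
    enum path second = first == PATH_INPUT ? PATH_OUTPUT : PATH_INPUT;
    struct cache per_path[2] = { { NULL }, { NULL } };
    cached_lookup(&per_path[first], first);
    return cached_lookup(&per_path[second], second) != full_lookup(second);
}

int main(void)
{
    printf("unified, input first:  %d\n", unified_mismatch(PATH_INPUT));
    printf("unified, output first: %d\n", unified_mismatch(PATH_OUTPUT));
    printf("split,   input first:  %d\n", split_mismatch(PATH_INPUT));
    return 0;
}
```

In the model the unified cache is wrong whichever path runs first, because the result depends on ordering rather than on the path's own lookup.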
Affected Version(s)
Linux 6c8702c60b88651072460f3f4026c7dfe2521d12 < 1dec91d3b1cefb82635761b7812154af3ef46449
Linux 6c8702c60b88651072460f3f4026c7dfe2521d12 < 750569d6987a0ff46317a4b86eb3907e296287bf
Linux 6c8702c60b88651072460f3f4026c7dfe2521d12 < 57d0374d14fa667dec6952173b93e7e84486d5c9