Network Packet Manipulation Vulnerability in Linux Kernel by Linux Foundation
CVE-2026-31685

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 25 April 2026

What is CVE-2026-31685?

A vulnerability in the Linux Kernel allows for improper handling of network packets due to an inadequate guard against invalid MAC headers. When processing packets, specifically in the eui64_mt6() function, the system fails to reject packets with incorrect MAC headers in some cases. This could lead to unauthorized access or manipulation of network data, as it allows packets with invalid MAC headers to reach the Ethernet header despite being malformed. The vulnerability has since been addressed by revising the logic to ensure such packets are properly rejected, reinforcing overall network security.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 9eda5478746ef7dc0e4e537b5a5e4b0ca1027091

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 807d6ee15804df6f01a35c910f09612e858739a6

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 309ae3e9a51a69699ca94eac5fac5688fa562d55

References

https://git.kernel.org/stable/c/9eda5478746ef7dc0e4e537b5...

https://git.kernel.org/stable/c/807d6ee15804df6f01a35c910...

https://git.kernel.org/stable/c/309ae3e9a51a69699ca94eac5...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 25, 2026
Vulnerability Reserved
Mar 9, 2026

CVE-2026-31685 Data

JSON