7.1
CVE-2026-31430
- EPSS 0.08%
- Veröffentlicht 20.04.2026 09:43:03
- Zuletzt bearbeitet 21.05.2026 15:28:28
- CVE-Watchlists
- Unerledigt
X.509: Fix out-of-bounds access when parsing extensions
In the Linux kernel, the following vulnerability has been resolved: X.509: Fix out-of-bounds access when parsing extensions Leo reports an out-of-bounds access when parsing a certificate with empty Basic Constraints or Key Usage extension because the first byte of the extension is read before checking its length. Fix it. The bug can be triggered by an unprivileged user by submitting a specially crafted certificate to the kernel through the keyrings(7) API. Leo has demonstrated this with a proof-of-concept program responsibly disclosed off-list.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 6.4 < 6.6.135
Linux ≫ Linux Kernel Version >= 6.7 < 6.12.82
Linux ≫ Linux Kernel Version >= 6.13 < 6.18.23
Linux ≫ Linux Kernel Version >= 6.19 < 6.19.13
Linux ≫ Linux Kernel Version7.0 Updaterc1
Linux ≫ Linux Kernel Version7.0 Updaterc2
Linux ≫ Linux Kernel Version7.0 Updaterc3
Linux ≫ Linux Kernel Version7.0 Updaterc4
Linux ≫ Linux Kernel Version7.0 Updaterc5
Linux ≫ Linux Kernel Version7.0 Updaterc6
Linux ≫ Linux Kernel Version7.0 Updaterc7
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.08% | 0.003 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.1 | 1.8 | 5.2 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
|
CWE-125 Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.
https://git.kernel.org/stable/c/672b526def1f94c1be8eb11b885b803da0d8c2f1
https://git.kernel.org/stable/c/30ab358fad0c7daa1d282ec48089901b21b36a20
https://git.kernel.org/stable/c/206121294b9cf27f0589857f80d64f87e496ffb2
https://git.kernel.org/stable/c/7fb4dadc2734f4020d7543d688b8d49c8e569c61
https://git.kernel.org/stable/c/d702c3408213bb12bd570bb97204d8340d141c51