5.5
CVE-2026-31515
- EPSS 0.12%
- Veröffentlicht 22.04.2026 14:16:50
- Zuletzt bearbeitet 28.04.2026 16:20:43
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
af_key: validate families in pfkey_send_migrate()
In the Linux kernel, the following vulnerability has been resolved: af_key: validate families in pfkey_send_migrate() syzbot was able to trigger a crash in skb_put() [1] Issue is that pfkey_send_migrate() does not check old/new families, and that set_ipsecrequest() @family argument was truncated, thus possibly overfilling the skb. Validate families early, do not wait set_ipsecrequest(). [1] skbuff: skb_over_panic: text:ffffffff8a752120 len:392 put:16 head:ffff88802a4ad040 data:ffff88802a4ad040 tail:0x188 end:0x180 dev:<NULL> kernel BUG at net/core/skbuff.c:214 ! Call Trace: <TASK> skb_over_panic net/core/skbuff.c:219 [inline] skb_put+0x159/0x210 net/core/skbuff.c:2655 skb_put_zero include/linux/skbuff.h:2788 [inline] set_ipsecrequest net/key/af_key.c:3532 [inline] pfkey_send_migrate+0x1270/0x2e50 net/key/af_key.c:3636 km_migrate+0x155/0x260 net/xfrm/xfrm_state.c:2848 xfrm_migrate+0x2140/0x2450 net/xfrm/xfrm_policy.c:4705 xfrm_do_migrate+0x8ff/0xaa0 net/xfrm/xfrm_user.c:3150
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 2.6.21.1 < 5.10.253
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.203
Linux ≫ Linux Kernel Version >= 5.16 < 6.1.168
Linux ≫ Linux Kernel Version >= 6.2 < 6.6.131
Linux ≫ Linux Kernel Version >= 6.7 < 6.12.80
Linux ≫ Linux Kernel Version >= 6.13 < 6.18.21
Linux ≫ Linux Kernel Version >= 6.19 < 6.19.11
Linux ≫ Linux Kernel Version2.6.21 Update-
Linux ≫ Linux Kernel Version7.0 Updaterc1
Linux ≫ Linux Kernel Version7.0 Updaterc2
Linux ≫ Linux Kernel Version7.0 Updaterc3
Linux ≫ Linux Kernel Version7.0 Updaterc4
Linux ≫ Linux Kernel Version7.0 Updaterc5
Linux ≫ Linux Kernel Version7.0 Updaterc6
Linux ≫ Linux Kernel Version7.0 Updaterc7
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.12% | 0.023 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-476 NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.
https://git.kernel.org/stable/c/7b18692c59afb8e5c364c8e3ac01e51dd6b52028
https://git.kernel.org/stable/c/83f644ea92987c100b82d8481ae2230faeed3d34
https://git.kernel.org/stable/c/8ddf8de7e758f6888988467af9ffc8adf589fb16
https://git.kernel.org/stable/c/d0c5aa8dd38887714f1aad04236a3620b56a5e4e
https://git.kernel.org/stable/c/d3225e6b9bd51ec177970a628fe4b11237ce87d5
https://git.kernel.org/stable/c/e06b596fc4eb01936a2e5dccad17c946d660bab8
https://git.kernel.org/stable/c/eb2d16a7d599dc9d4df391b5e660df9949963786
https://git.kernel.org/stable/c/ee836e820a40e2ca4da8af7310bff92d586772d4