CVE-2026-31417
Received Received - Intake
Integer Overflow in Linux Kernel X.25 Socket Fragment Handling

Publication date: 2026-04-13

Last updated on: 2026-04-27

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: net/x25: Fix overflow when accumulating packets Add a check to ensure that `x25_sock.fraglen` does not overflow. The `fraglen` also needs to be resetted when purging `fragment_queue` in `x25_clear_queues()`.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-13
Last Modified
2026-04-27
Generated
2026-05-07
AI Q&A
2026-04-13
EPSS Evaluated
2026-05-05
NVD
CVE-2026-31417
EUVD
EUVD-2026-21938
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is in the Linux kernel's net/x25 subsystem. It involves an overflow issue when accumulating packets. Specifically, the variable `x25_sock.fraglen` could overflow because there was no proper check in place. The fix adds a check to prevent this overflow and ensures that `fraglen` is reset when purging the fragment queue in the function `x25_clear_queues()`.


How can this vulnerability impact me? :

This vulnerability in the Linux kernel's net/x25 subsystem involves an overflow issue when accumulating packets due to improper handling of the fraglen field. If exploited, it could potentially lead to memory corruption or unexpected behavior in the kernel's packet processing, which might cause system instability or crashes.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart