CVE-2026-31416

Summary

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nfnetlink_log: account for netlink header size

This is a followup to an old bug fix: NLMSG_DONE needs to account for the netlink header size, not just the attribute size.

This can result in a WARN splat + drop of the netlink message, but other than this there are no ill effects.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux9dfa1dfe4d5e5e66a991321ab08afe69759d797a < 4ec216410fac9de83c99177a160ebb8d42fad075affected
LinuxLinux9dfa1dfe4d5e5e66a991321ab08afe69759d797a < 09883bf257f4243ed5a1fd35078ec6f0d0f3696aaffected
LinuxLinux9dfa1dfe4d5e5e66a991321ab08afe69759d797a < 761b45c661af48da6a065868d59ab1e1f64fd9b6affected
LinuxLinux9dfa1dfe4d5e5e66a991321ab08afe69759d797a < 607245c4dbb86d9a10dd8388da0fb82170a99b61affected
LinuxLinux9dfa1dfe4d5e5e66a991321ab08afe69759d797a < 6b419700e459fbf707ca1543b7c1b57a60fedb73affected
LinuxLinux9dfa1dfe4d5e5e66a991321ab08afe69759d797a < 88a8f56e6276f616baad4274c6b8e4683e26e520affected
LinuxLinux9dfa1dfe4d5e5e66a991321ab08afe69759d797a < f08ffa3e1c8e36b6131f69c5eb23700c28cbd262affected
LinuxLinux9dfa1dfe4d5e5e66a991321ab08afe69759d797a < 6d52a4a0520a6696bdde51caa11f2d6821cd0c01affected
LinuxLinux3a758a2b78da2f49f7165678faf999e946a0c4b5affected
LinuxLinux131172845aa2c804ffa9423455aee585061ea35eaffected
LinuxLinuxb1fef6b81871a396f3b8702077333e769673c87baffected
LinuxLinuxadd9183d993c12fb61ce0a674a424341d5be5b36affected
LinuxLinux3.10.61 < 3.11affected
LinuxLinux3.12.34 < 3.13affected
LinuxLinux3.14.25 < 3.15affected
LinuxLinux3.17.4 < 3.18affected
LinuxLinux3.18affected
LinuxLinux0 < 3.18unaffected
LinuxLinux5.10.253 <= 5.10.*unaffected
LinuxLinux5.15.203 <= 5.15.*unaffected
LinuxLinux6.1.168 <= 6.1.*unaffected
LinuxLinux6.6.134 <= 6.6.*unaffected
LinuxLinux6.12.81 <= 6.12.*unaffected
LinuxLinux6.18.22 <= 6.18.*unaffected
LinuxLinux6.19.12 <= 6.19.*unaffected
LinuxLinux7.0 <= *unaffected

Weaknesses

References