๐Ÿ” CVE Alert

CVE-2026-31515

UNKNOWN 0.0

af_key: validate families in pfkey_send_migrate()

CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th

In the Linux kernel, the following vulnerability has been resolved: af_key: validate families in pfkey_send_migrate() syzbot was able to trigger a crash in skb_put() [1] Issue is that pfkey_send_migrate() does not check old/new families, and that set_ipsecrequest() @family argument was truncated, thus possibly overfilling the skb. Validate families early, do not wait set_ipsecrequest(). [1] skbuff: skb_over_panic: text:ffffffff8a752120 len:392 put:16 head:ffff88802a4ad040 data:ffff88802a4ad040 tail:0x188 end:0x180 dev:<NULL> kernel BUG at net/core/skbuff.c:214 ! Call Trace: <TASK> skb_over_panic net/core/skbuff.c:219 [inline] skb_put+0x159/0x210 net/core/skbuff.c:2655 skb_put_zero include/linux/skbuff.h:2788 [inline] set_ipsecrequest net/key/af_key.c:3532 [inline] pfkey_send_migrate+0x1270/0x2e50 net/key/af_key.c:3636 km_migrate+0x155/0x260 net/xfrm/xfrm_state.c:2848 xfrm_migrate+0x2140/0x2450 net/xfrm/xfrm_policy.c:4705 xfrm_do_migrate+0x8ff/0xaa0 net/xfrm/xfrm_user.c:3150

Vendor linux
Product linux
Ecosystems
Industries
Technology
Published Apr 22, 2026
Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

Linux / Linux
08de61beab8a21c8e0b3906a97defda5f1f66ece < d0c5aa8dd38887714f1aad04236a3620b56a5e4e 08de61beab8a21c8e0b3906a97defda5f1f66ece < e06b596fc4eb01936a2e5dccad17c946d660bab8 08de61beab8a21c8e0b3906a97defda5f1f66ece < 8ddf8de7e758f6888988467af9ffc8adf589fb16 08de61beab8a21c8e0b3906a97defda5f1f66ece < d3225e6b9bd51ec177970a628fe4b11237ce87d5 08de61beab8a21c8e0b3906a97defda5f1f66ece < 7b18692c59afb8e5c364c8e3ac01e51dd6b52028 08de61beab8a21c8e0b3906a97defda5f1f66ece < 83f644ea92987c100b82d8481ae2230faeed3d34 08de61beab8a21c8e0b3906a97defda5f1f66ece < ee836e820a40e2ca4da8af7310bff92d586772d4 08de61beab8a21c8e0b3906a97defda5f1f66ece < eb2d16a7d599dc9d4df391b5e660df9949963786
Linux / Linux
2.6.21

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
git.kernel.org: https://git.kernel.org/stable/c/d0c5aa8dd38887714f1aad04236a3620b56a5e4e git.kernel.org: https://git.kernel.org/stable/c/e06b596fc4eb01936a2e5dccad17c946d660bab8 git.kernel.org: https://git.kernel.org/stable/c/8ddf8de7e758f6888988467af9ffc8adf589fb16 git.kernel.org: https://git.kernel.org/stable/c/d3225e6b9bd51ec177970a628fe4b11237ce87d5 git.kernel.org: https://git.kernel.org/stable/c/7b18692c59afb8e5c364c8e3ac01e51dd6b52028 git.kernel.org: https://git.kernel.org/stable/c/83f644ea92987c100b82d8481ae2230faeed3d34 git.kernel.org: https://git.kernel.org/stable/c/ee836e820a40e2ca4da8af7310bff92d586772d4 git.kernel.org: https://git.kernel.org/stable/c/eb2d16a7d599dc9d4df391b5e660df9949963786