๐Ÿ” CVE Alert

CVE-2026-31684

UNKNOWN 0.0

net: sched: act_csum: validate nested VLAN headers

CVSS Score: 0.0
EPSS Score: 0.0%
EPSS Percentile: 0th

In the Linux kernel, the following vulnerability has been resolved:

net: sched: act_csum: validate nested VLAN headers

tcf_csum_act() walks nested VLAN headers directly from skb->data when an skb still carries in-payload VLAN tags. The current code reads vlan->h_vlan_encapsulated_proto and then pulls VLAN_HLEN bytes without first ensuring that the full VLAN header is present in the linear area.

If only part of an inner VLAN header is linearized, accessing h_vlan_encapsulated_proto reads past the linear area, and the following skb_pull(VLAN_HLEN) may violate skb invariants.

Fix this by requiring pskb_may_pull(skb, VLAN_HLEN) before accessing and pulling each nested VLAN header. If the header still is not fully available, drop the packet through the existing error path.
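The check described above, as an added user-space model in C (not the kernel patch and not code from this page). The toy_skb struct, toy_may_pull(), walk_vlans(), run_case() and the sample packet are assumptions constructed for illustration; only the names VLAN_HLEN, pskb_may_pull and skb_pull come from the description.

```c
#include <stddef.h>
#include <stdint.h>
#define VLAN_HLEN    4   /* TCI (2 bytes) + encapsulated proto (2 bytes) */
#define ETH_P_8021Q  0x8100
#define ETH_P_8021AD 0x88A8

/* Toy skb (assumption): buf is the whole packet, [off, linear_end) is linear. */
struct toy_skb {
    const uint8_t *buf;
    size_t off;         /* models skb->data */
    size_t linear_end;  /* end of the linear area */
    size_t len;         /* end of the packet, non-linear bytes included */
};

/* Models pskb_may_pull(): fail if too short, else make n bytes at off linear. */
static int toy_may_pull(struct toy_skb *s, size_t n)
{
    if (s->len - s->off < n)
        return 0;
    if (s->linear_end < s->off + n)
        s->linear_end = s->off + n;
    return 1;
}

/* Returns the innermost protocol, or -1 for the drop path. *partial counts
 * headers that were not fully linear when the walk reached them. */
static int walk_vlans(struct toy_skb *s, uint16_t proto, int *partial)
{
    while (proto == ETH_P_8021Q || proto == ETH_P_8021AD) {
        if (s->linear_end - s->off < VLAN_HLEN)
            (*partial)++;                  /* pre-fix code read this header anyway */
        if (!toy_may_pull(s, VLAN_HLEN))   /* the check the fix requires */
            return -1;
        proto = (uint16_t)((s->buf[s->off + 2] << 8) | s->buf[s->off + 3]);
        s->off += VLAN_HLEN;               /* models skb_pull(skb, VLAN_HLEN) */
    }
    return proto;
}

/* Constructed sample: 802.1Q-in-802.1ad tags, then two IPv4 bytes. */
static const uint8_t sample_pkt[] = {0x00,0x0a,0x81,0x00, 0x00,0x14,0x08,0x00, 0x45,0x00};

static int run_case(size_t linear_end, size_t len, int *partial)
{
    struct toy_skb s = { sample_pkt, 0, linear_end, len };
    *partial = 0;
    return walk_vlans(&s, ETH_P_8021AD, partial);
}
```

run_case(6, 10, ...) models an inner header that is only half linear but present in the packet, and run_case(6, 6, ...) models a packet truncated inside that header, which takes the drop path.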

Vendor linux
Product linux
Ecosystems
Industries
Technology
Published Apr 25, 2026
Last Updated Jun 1, 2026

Affected Versions

Linux / Linux
2ecba2d1e45b24620a7c3df9531895cf68d5dec6 < 0410c619e86551677fb79887a38eccad3f5a0725
2ecba2d1e45b24620a7c3df9531895cf68d5dec6 < 886469b6455611a511aa6013e957e15e50577513
2ecba2d1e45b24620a7c3df9531895cf68d5dec6 < 46c07ad50fa2f4ba7663ee1b72b75ad7ad45cf09
2ecba2d1e45b24620a7c3df9531895cf68d5dec6 < eb3765b90eb8f2a3d6310a80c14a9e57ec4267a2
2ecba2d1e45b24620a7c3df9531895cf68d5dec6 < a69738efea0996d05a3c7d2178551b891744df1b
2ecba2d1e45b24620a7c3df9531895cf68d5dec6 < ec4930979b3f7bbeb7af5744599fc6603a4dba62
2ecba2d1e45b24620a7c3df9531895cf68d5dec6 < 3d165d975305cf76ff0b10a3c798fb31e5f5f9a5
2ecba2d1e45b24620a7c3df9531895cf68d5dec6 < c842743d073bdd683606cb414eb0ca84465dd834
3764bfae5056e95617b6ee074129297e11710886 4.19.99 < 4.20
Linux / Linux
5.1

References

git.kernel.org: https://git.kernel.org/stable/c/0410c619e86551677fb79887a38eccad3f5a0725
git.kernel.org: https://git.kernel.org/stable/c/886469b6455611a511aa6013e957e15e50577513
git.kernel.org: https://git.kernel.org/stable/c/46c07ad50fa2f4ba7663ee1b72b75ad7ad45cf09
git.kernel.org: https://git.kernel.org/stable/c/eb3765b90eb8f2a3d6310a80c14a9e57ec4267a2
git.kernel.org: https://git.kernel.org/stable/c/a69738efea0996d05a3c7d2178551b891744df1b
git.kernel.org: https://git.kernel.org/stable/c/ec4930979b3f7bbeb7af5744599fc6603a4dba62
git.kernel.org: https://git.kernel.org/stable/c/3d165d975305cf76ff0b10a3c798fb31e5f5f9a5
git.kernel.org: https://git.kernel.org/stable/c/c842743d073bdd683606cb414eb0ca84465dd834