PatchSiren cyber security CVE debrief
CVE-2026-31674 Linux CVE debrief
The Linux kernel has a vulnerability that has been resolved. The vulnerability is related to the netfilter component, specifically in the ip6t_rt module. The vulnerability occurs when the addrnr value exceeds IP6T_RT_HOPS in the rt_mt6_check function. This can lead to a potential denial of service or code execution. Affected users should apply patches from Linux kernel stable branches and restrict access to vulnerable systems.
- Vendor
- Linux
- Product
- Unknown
- CVSS
- HIGH 7.1
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-04-25
- Original CVE updated
- 2026-07-14
- Advisory published
- 2026-04-25
- Advisory updated
- 2026-07-14
Who should care
Users of Linux kernel versions 2.6.12.1 to 6.19.11, 6.7 to 6.12.80, and 6.13 to 6.18.21 should be aware of this vulnerability and take necessary actions to mitigate it. System administrators and security teams should review their system configurations and apply patches or mitigations as necessary.
Technical summary
The vulnerability is caused by the lack of validation of the addrnr value in the rt_mt6_check function. The rt_mt6 function expects addrnr to stay within the bounds of rtinfo->addrs[]. To fix this vulnerability, the addrnr value is validated during rule installation, and malformed rules are rejected before the match logic can use an out-of-range value. Users of Linux kernel versions 2.6.12.1 to 6.19.11, 6.7 to 6.12.80, and 6.13 to 6.18.21 should be aware of this vulnerability and take necessary actions to mitigate it.
Defensive priority
High
Recommended defensive actions
- Apply patches from Linux kernel stable branches
- Restrict access to vulnerable systems
- Monitor network traffic for suspicious activity
- Implement compensating controls to detect and prevent exploitation
- Perform regular vulnerability scans and inventory checks
- Review system configurations for potential exposure
- Track exceptions and retest remediated assets
Evidence notes
The CVE record was published on 2026-04-25T09:16:00.963Z and was last modified on 2026-07-14T13:18:48.320Z. The NVD entry is currently Modified. This vulnerability affects Linux kernel versions 2.6.12.1 to 6.19.11, 6.7 to 6.12.80, and 6.13 to 6.18.21. Users should verify their system configurations and apply patches or mitigations as necessary. The vulnerability is related to the netfilter component, specifically in the ip6t_rt module.
Official resources
-
CVE-2026-31674 CVE record
CVE.org
-
CVE-2026-31674 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67 - Patch
-
Mitigation or vendor reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67 - Patch
-
Mitigation or vendor reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67 - Patch
-
Mitigation or vendor reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67 - Patch
-
Mitigation or vendor reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67 - Patch
-
Mitigation or vendor reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67 - Patch
-
Mitigation or vendor reference
416baaa9-dc9f-4396-8d5f-8c081fb06d67 - Patch
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-04-25T09:16:00.963Z and has not been modified since then. The NVD entry is currently Modified.