CVE-2026-31417 PUBLISHED

net/x25: Fix overflow when accumulating packets

Assigner: Linux
Reserved: 09.03.2026 Published: 13.04.2026 Updated: 13.04.2026

In the Linux kernel, the following vulnerability has been resolved:

net/x25: Fix overflow when accumulating packets

Add a check to ensure that x25_sock.fraglen does not overflow.

The fraglen also needs to be resetted when purging fragment_queue in x25_clear_queues().

Product Status

Vendor Linux
Product Linux
Versions Default: unaffected
  • affected from 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 to 6e568835ea54a3e1d08e310e34f95d434e739477 (excl.)
  • affected from 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 to 1734bd85c5e0a7a801295b729efb56b009cb8fc3 (excl.)
  • affected from 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 to 4e2d1bcef78d21247fe8fef13bc7ed95885df2b5 (excl.)
  • affected from 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 to 8c92969c197b91c134be27dc3afb64ab468853a9 (excl.)
  • affected from 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 to f953f11ccf4afe6feb635c08145f4240d9a6b544 (excl.)
  • affected from 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 to a1822cb524e89b4cd2cf0b82e484a2335496a6d9 (excl.)
Vendor Linux
Product Linux
Versions Default: affected
  • Version 2.6.12 is affected
  • unaffected from 0 to 2.6.12 (excl.)
  • unaffected from 6.1.168 to 6.1.* (incl.)
  • unaffected from 6.6.134 to 6.6.* (incl.)
  • unaffected from 6.12.81 to 6.12.* (incl.)
  • unaffected from 6.18.22 to 6.18.* (incl.)
  • unaffected from 6.19.12 to 6.19.* (incl.)
  • unaffected from 7.0 to * (incl.)

References