CVE-2026-31411

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a flaw in the ATM send path (sendmsg -> vcc sendmsg -> sigd send). The system reads the vcc pointer from msg->vcc without validation, and this pointer originates from user space via sendmsg(), making it susceptible to forgery. A malicious daemon can send arbitrary pointer values. This can lead to a crash due to the kernel dereferencing an invalid pointer. The issue is addressed by introducing find get vcc(), which validates the pointer by searching vcc hash and acquiring a reference using sock hold() if found.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.