CVE-2026-31503

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A conflict check failure occurs when binding a udp sock to a local address and port. The system utilizes two hashes, udptable->hash and udptable->hash2, for collision detection. When the hslot->count exceeds 10, the system switches to hash2, which is keyed by both local address and local port, whereas hash is keyed by local port only. This transition causes the system to miss conflicts when binding to wildcard addresses, such as the IPv6 wildcard address, the IPv4 wildcard address '0.0.0.0', or the IPv4-mapped wildcard address '::ffff:0.0.0.0', allowing a bind operation to succeed unexpectedly.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.