CVE-2026-31630

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description In the AF RXRPC procfs helpers, local and remote socket addresses are formatted into fixed 50-byte stack buffers using the %pISpc formatter. This buffer size is insufficient for the longest possible IPv6-with-port strings, such as those involving ISATAP addresses (Intra-Site Automatic Tunnel Addressing, a mechanism for connecting IPv6 hosts over IPv4 networks). Specifically, certain address formats can produce 50 visible characters, requiring 51 bytes including the null terminator, which leads to a buffer overflow in net/rxrpc/proc.c.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.