PT-2026-35020 · Linux · Linux Kernel

Published 2026-04-24 · Updated 2026-05-29 · CVE-2026-31668

CVSS v3.1: 9.8 Critical

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

In the seg6 lwtunnel, a single dst_cache per encap route is shared between the seg6_input_core() and seg6_output_core() functions. Because these two paths can perform post-encap SID lookups in different routing contexts, such as VRF table separation or ip rules matching on the ingress interface, the path that executes first populates the cache. The subsequent path then reuses this cached data without performing its own lookup, effectively bypassing the intended routing context.

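A user-space toy model of the caching behaviour described above, added here as an illustration; it is not kernel code and not a fix from the kernel project. The types, function names and table ids (100 and 254) are constructed, and the one-cache-per-path variant is an assumption shown only for contrast.

```c
#include <stdio.h>
#include <stddef.h>

/* Constructed model: a lookup whose result depends on the routing context
 * (for example a VRF table or an ip rule on the ingress interface). */
enum ctx { CTX_INPUT = 0, CTX_OUTPUT = 1 };

struct dst   { int table; };             /* stands in for a resolved route */
struct cache { const struct dst *dst; }; /* stands in for one cache slot   */

static const struct dst via_input  = { 100 }; /* constructed table ids */
static const struct dst via_output = { 254 };

/* Full lookup: the answer differs per context. */
static const struct dst *route_lookup(enum ctx c)
{
    return c == CTX_INPUT ? &via_input : &via_output;
}

/* Cache-or-lookup step both paths perform after encapsulation. */
static int resolve(struct cache *slot, enum ctx c)
{
    if (!slot->dst)
        slot->dst = route_lookup(c); /* first caller populates the slot */
    return slot->dst->table;         /* later callers reuse it as-is    */
}

/* One slot per encap route, shared by both paths (the reported behaviour).
 * Returns the table the second path ends up using. */
static int second_path_shared(enum ctx first, enum ctx second)
{
    struct cache shared = { NULL };
    (void)resolve(&shared, first);
    return resolve(&shared, second);
}

/* One slot per path: each path only ever sees its own lookup result. */
static int second_path_split(enum ctx first, enum ctx second)
{
    struct cache per_path[2] = { { NULL }, { NULL } };
    (void)resolve(&per_path[first], first);
    return resolve(&per_path[second], second);
}

int main(void)
{
    printf("shared: output path uses table %d\n", second_path_shared(CTX_INPUT, CTX_OUTPUT));
    printf("split:  output path uses table %d\n", second_path_split(CTX_INPUT, CTX_OUTPUT));
    return 0;
}
```

With the shared slot, whichever path runs first decides the route for both; with one slot per path, the order of execution no longer matters.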
Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Related Identifiers

CVE-2026-31668
ECHO-1266-1F5A-2356
OESA-2026-2492

Affected Products

Linux Kernel