PT-2026-35023 · Linux · Linux
Published
2026-04-24
·
Updated
2026-04-24
·
CVE-2026-31671
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
In the Linux kernel, the following vulnerability has been resolved:
xfrm user: fix info leak in build report()
struct xfrm user report is a u8 proto field followed by a struct
xfrm selector which means there is three "empty" bytes of padding, but
the padding is never zeroed before copying to userspace. Fix that up by
zeroing the structure before setting individual member variables.
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Linux