CVE-2026-31679

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description In openvswitch, the validate set() function accepted OVS KEY ATTR MPLS as a variable-sized payload for SET and SET MASKED actions. However, action handling expects fixed-size MPLS key data (struct ovs key mpls). This discrepancy allows for invalid MPLS action payload lengths to be processed.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.