PT-2026-36087 · Linux · Linux
Published
2026-04-30
·
Updated
2026-04-30
·
CVE-2026-31692
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
In the Linux kernel, the following vulnerability has been resolved:
rtnetlink: add missing netlink ns capable() check for peer netns
rtnl newlink() lacks a CAP NET ADMIN capability check on the peer
network namespace when creating paired devices (veth, vxcan,
netkit). This allows an unprivileged user with a user namespace
to create interfaces in arbitrary network namespaces, including
init net.
Add a netlink ns capable() check for CAP NET ADMIN in the peer
namespace before allowing device creation to proceed.
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Linux