CVE-2026-31416

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2026-31416

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-31416.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2026-31416

Downstream

BELL-CVE-2026-31416

DEBIAN-CVE-2026-31416

ECHO-9c80-2f20-c8b4

MGASA-2026-0108

MGASA-2026-0110

OESA-2026-2172

OESA-2026-2173

OESA-2026-2176

ROOT-OS-DEBIAN-11-CVE-2026-31416

ROOT-OS-DEBIAN-12-CVE-2026-31416

ROOT-OS-DEBIAN-13-CVE-2026-31416

ROOT-OS-UBUNTU-2204-CVE-2026-31416

ROOT-OS-UBUNTU-2404-CVE-2026-31416

SUSE-SU-2026:2068-1

SUSE-SU-2026:21841-1

SUSE-SU-2026:21845-1

SUSE-SU-2026:21860-1

SUSE-SU-2026:21876-1

SUSE-SU-2026:21877-1

SUSE-SU-2026:21916-1

SUSE-SU-2026:21919-1

SUSE-SU-2026:2217-1

SUSE-SU-2026:2238-1

UBUNTU-CVE-2026-31416

openSUSE-SU-2026:20826-1

Related

Published

2026-04-13T13:21:03.974Z

Modified

2026-06-04T09:14:27.388522763Z

Summary

netfilter: nfnetlink_log: account for netlink header size

Details

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nfnetlink_log: account for netlink header size

This is a followup to an old bug fix: NLMSG_DONE needs to account for the netlink header size, not just the attribute size.

This can result in a WARN splat + drop of the netlink message, but other than this there are no ill effects.

Database specific

{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/31xxx/CVE-2026-31416.json"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

9dfa1dfe4d5e5e66a991321ab08afe69759d797a

Fixed

4ec216410fac9de83c99177a160ebb8d42fad075

Fixed

09883bf257f4243ed5a1fd35078ec6f0d0f3696a

Fixed

761b45c661af48da6a065868d59ab1e1f64fd9b6

Fixed

607245c4dbb86d9a10dd8388da0fb82170a99b61

Fixed

6b419700e459fbf707ca1543b7c1b57a60fedb73

Fixed

88a8f56e6276f616baad4274c6b8e4683e26e520

Fixed

f08ffa3e1c8e36b6131f69c5eb23700c28cbd262

Fixed

6d52a4a0520a6696bdde51caa11f2d6821cd0c01

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

3a758a2b78da2f49f7165678faf999e946a0c4b5

Last affected

131172845aa2c804ffa9423455aee585061ea35e

Last affected

b1fef6b81871a396f3b8702077333e769673c87b

Last affected

add9183d993c12fb61ce0a674a424341d5be5b36

Affected versions

v2.*

v2.6.12-rc2

v2.6.12-rc3

v2.6.12-rc4

v2.6.13

v2.6.13-rc1

v2.6.13-rc2

v2.6.13-rc3

v2.6.13-rc4

v2.6.13-rc5

v2.6.13-rc6

v2.6.13-rc7

v2.6.14-rc1

v2.6.14-rc2

v2.6.14-rc3

v2.6.15-rc1

v2.6.15-rc2

v2.6.15-rc4

v2.6.15-rc5

v2.6.15-rc7

v2.6.16

v2.6.16-rc1

v2.6.16-rc2

v2.6.16-rc3

v2.6.16-rc4

v2.6.16-rc5

v2.6.16-rc6

v2.6.17

v2.6.17-rc1

v2.6.17-rc2

v2.6.17-rc3

v2.6.17-rc4

v2.6.17-rc5

v2.6.17-rc6

v2.6.18

v2.6.18-rc1

v2.6.18-rc2

v2.6.18-rc3

v2.6.18-rc5

v2.6.18-rc6

v2.6.19-rc1

v2.6.19-rc2

v2.6.20-rc1

v2.6.20-rc2

v2.6.20-rc3

v2.6.20-rc4

v2.6.20-rc5

v2.6.20-rc6

v2.6.20-rc7

v2.6.21

v2.6.21-rc1

v2.6.21-rc2

v2.6.21-rc3

v2.6.21-rc4

v2.6.21-rc5

v2.6.21-rc6

v2.6.21-rc7

v2.6.22

v2.6.22-rc1

v2.6.22-rc2

v2.6.22-rc3

v2.6.22-rc4

v2.6.22-rc5

v2.6.22-rc6

v2.6.22-rc7

v2.6.23

v2.6.23-rc1

v2.6.23-rc2

v2.6.23-rc3

v2.6.23-rc4

v2.6.23-rc5

v2.6.23-rc6

v2.6.23-rc7

v2.6.23-rc8

v2.6.23-rc9

v2.6.24

v2.6.24-rc1

v2.6.24-rc2

v2.6.24-rc3

v2.6.24-rc4

v2.6.24-rc5

v2.6.24-rc6

v2.6.24-rc7

v2.6.24-rc8

v2.6.25

v2.6.25-rc1

v2.6.25-rc2

v2.6.25-rc3

v2.6.25-rc4

v2.6.25-rc5

v2.6.25-rc6

v2.6.25-rc7

v2.6.25-rc8

v2.6.25-rc9

v2.6.26

v2.6.26-rc1

v2.6.26-rc2

v2.6.26-rc3

v2.6.26-rc4

v2.6.26-rc5

v2.6.26-rc6

v2.6.26-rc7

v2.6.26-rc8

v2.6.26-rc9

v2.6.27

v2.6.27-rc1

v2.6.27-rc2

v2.6.27-rc3

v2.6.27-rc4

v2.6.27-rc5

v2.6.27-rc6

v2.6.27-rc7

v2.6.27-rc8

v2.6.27-rc9

v2.6.28

v2.6.28-rc1

v2.6.28-rc2

v2.6.28-rc3

v2.6.28-rc4

v2.6.28-rc5

v2.6.28-rc6

v2.6.28-rc7

v2.6.28-rc8

v2.6.28-rc9

v2.6.29

v2.6.29-rc1

v2.6.29-rc2

v2.6.29-rc3

v2.6.29-rc4

v2.6.29-rc5

v2.6.29-rc6

v2.6.29-rc7

v2.6.29-rc8

v2.6.30

v2.6.30-rc1

v2.6.30-rc2

v2.6.30-rc3

v2.6.30-rc4

v2.6.30-rc5

v2.6.30-rc6

v2.6.30-rc7

v2.6.30-rc8

v2.6.31

v2.6.31-rc1

v2.6.31-rc2

v2.6.31-rc3

v2.6.31-rc4

v2.6.31-rc5

v2.6.31-rc6

v2.6.31-rc7

v2.6.31-rc8

v2.6.31-rc9

v2.6.32

v2.6.32-rc1

v2.6.32-rc2

v2.6.32-rc3

v2.6.32-rc4

v2.6.32-rc5

v2.6.32-rc6

v2.6.32-rc7

v2.6.32-rc8

v2.6.33

v2.6.33-rc1

v2.6.33-rc2

v2.6.33-rc3

v2.6.33-rc4

v2.6.33-rc5

v2.6.33-rc6

v2.6.33-rc7

v2.6.33-rc8

v2.6.34

v2.6.34-rc1

v2.6.34-rc2

v2.6.34-rc3

v2.6.34-rc4

v2.6.34-rc5

v2.6.34-rc6

v2.6.34-rc7

v2.6.35

v2.6.35-rc1

v2.6.35-rc2

v2.6.35-rc3

v2.6.35-rc4

v2.6.35-rc5

v2.6.35-rc6

v2.6.36

v2.6.36-rc1

v2.6.36-rc2

v2.6.36-rc3

v2.6.36-rc4

v2.6.36-rc5

v2.6.36-rc6

v2.6.36-rc7

v2.6.36-rc8

v2.6.37

v2.6.37-rc1

v2.6.37-rc2

v2.6.37-rc3

v2.6.37-rc4

v2.6.37-rc5

v2.6.37-rc6

v2.6.37-rc7

v2.6.37-rc8

v2.6.38

v2.6.38-rc1

v2.6.38-rc2

v2.6.38-rc3

v2.6.38-rc4

v2.6.38-rc5

v2.6.38-rc6

v2.6.38-rc7

v2.6.38-rc8

v2.6.39

v2.6.39-rc1

v2.6.39-rc2

v2.6.39-rc3

v2.6.39-rc4

v2.6.39-rc5

v2.6.39-rc6

v2.6.39-rc7

v3.*

v3.0

v3.0-rc1

v3.0-rc2

v3.0-rc3

v3.0-rc4

v3.0-rc5

v3.0-rc6

v3.0-rc7

v3.1

v3.1-rc1

v3.1-rc10

v3.1-rc2

v3.1-rc3

v3.1-rc4

v3.1-rc5

v3.1-rc6

v3.1-rc7

v3.1-rc8

v3.1-rc9

v3.10

v3.10-rc1

v3.10-rc2

v3.10-rc3

v3.10-rc4

v3.10-rc5

v3.10-rc6

v3.10-rc7

v3.10.1

v3.10.10

v3.10.11

v3.10.12

v3.10.13

v3.10.14

v3.10.15

v3.10.16

v3.10.17

v3.10.18

v3.10.19

v3.10.2

v3.10.20

v3.10.21

v3.10.22

v3.10.23

v3.10.24

v3.10.25

v3.10.26

v3.10.27

v3.10.28

v3.10.29

v3.10.3

v3.10.30

v3.10.31

v3.10.32

v3.10.33

v3.10.34

v3.10.35

v3.10.36

v3.10.37

v3.10.38

v3.10.39

v3.10.4

v3.10.40

v3.10.41

v3.10.42

v3.10.43

v3.10.44

v3.10.45

v3.10.46

v3.10.47

v3.10.48

v3.10.49

v3.10.5

v3.10.50

v3.10.51

v3.10.52

v3.10.53

v3.10.54

v3.10.55

v3.10.56

v3.10.57

v3.10.58

v3.10.59

v3.10.6

v3.10.60

v3.10.7

v3.10.8

v3.10.9

v3.11

v3.11-rc1

v3.11-rc2

v3.11-rc3

v3.11-rc4

v3.11-rc5

v3.11-rc6

v3.11-rc7

v3.12

v3.12-rc1

v3.12-rc2

v3.12-rc3

v3.12-rc4

v3.12-rc5

v3.12-rc6

v3.12-rc7

v3.12.1

v3.12.10

v3.12.11

v3.12.12

v3.12.13

v3.12.14

v3.12.15

v3.12.16

v3.12.17

v3.12.18

v3.12.19

v3.12.2

v3.12.20

v3.12.21

v3.12.22

v3.12.23

v3.12.24

v3.12.25

v3.12.26

v3.12.27

v3.12.28

v3.12.29

v3.12.3

v3.12.30

v3.12.31

v3.12.32

v3.12.33

v3.12.4

v3.12.5

v3.12.6

v3.12.7

v3.12.8

v3.12.9

v3.13

v3.13-rc1

v3.13-rc2

v3.13-rc3

v3.13-rc4

v3.13-rc5

v3.13-rc6

v3.13-rc7

v3.13-rc8

v3.14

v3.14-rc1

v3.14-rc2

v3.14-rc3

v3.14-rc4

v3.14-rc5

v3.14-rc6

v3.14-rc7

v3.14-rc8

v3.14.1

v3.14.10

v3.14.11

v3.14.12

v3.14.13

v3.14.14

v3.14.15

v3.14.16

v3.14.17

v3.14.18

v3.14.19

v3.14.2

v3.14.20

v3.14.21

v3.14.22

v3.14.23

v3.14.24

v3.14.3

v3.14.4

v3.14.5

v3.14.6

v3.14.7

v3.14.8

v3.14.9

v3.15

v3.15-rc1

v3.15-rc2

v3.15-rc3

v3.15-rc4

v3.15-rc5

v3.15-rc6

v3.15-rc7

v3.15-rc8

v3.16

v3.16-rc1

v3.16-rc2

v3.16-rc3

v3.16-rc4

v3.16-rc5

v3.16-rc6

v3.16-rc7

v3.17

v3.17-rc1

v3.17-rc2

v3.17-rc3

v3.17-rc4

v3.17-rc5

v3.17-rc6

v3.17-rc7

v3.17.1

v3.17.2

v3.17.3

v3.2

v3.2-rc1

v3.2-rc2

v3.2-rc3

v3.2-rc4

v3.2-rc5

v3.2-rc6

v3.2-rc7

v3.3

v3.3-rc1

v3.3-rc2

v3.3-rc3

v3.3-rc4

v3.3-rc5

v3.3-rc6

v3.3-rc7

v3.4

v3.4-rc1

v3.4-rc2

v3.4-rc3

v3.4-rc4

v3.4-rc5

v3.4-rc6

v3.4-rc7

v3.5

v3.5-rc1

v3.5-rc2

v3.5-rc3

v3.5-rc4

v3.5-rc5

v3.5-rc6

v3.5-rc7

v3.6

v3.6-rc1

v3.6-rc2

v3.6-rc3

v3.6-rc4

v3.6-rc5

v3.6-rc6

v3.6-rc7

v3.7

v3.7-rc1

v3.7-rc2

v3.7-rc3

v3.7-rc4

v3.7-rc5

v3.7-rc6

v3.7-rc7

v3.7-rc8

v3.8

v3.8-rc1

v3.8-rc2

v3.8-rc3

v3.8-rc4

v3.8-rc5

v3.8-rc6

v3.8-rc7

v3.9

v3.9-rc1

v3.9-rc2

v3.9-rc3

v3.9-rc4

v3.9-rc5

v3.9-rc6

v3.9-rc7

v3.9-rc8

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-31416.json"

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

3.18.0

Fixed

5.10.253

Type: ECOSYSTEM
Events: Introduced

5.11.0

Fixed

5.15.203

Type: ECOSYSTEM
Events: Introduced

5.16.0

Fixed

6.1.168

Type: ECOSYSTEM
Events: Introduced

6.2.0

Fixed

6.6.134

Type: ECOSYSTEM
Events: Introduced

6.7.0

Fixed

6.12.81

Type: ECOSYSTEM
Events: Introduced

6.13.0

Fixed

6.18.22

Type: ECOSYSTEM
Events: Introduced

6.19.0

Fixed

6.19.12

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-31416.json"