Description
In the Linux kernel, the following vulnerability has been resolved:

net/x25: Fix overflow when accumulating packets

Add a check to ensure that `x25_sock.fraglen` does not overflow.

The `fraglen` also needs to be reset when purging `fragment_queue` in
`x25_clear_queues()`.
Published: 2026-04-13
Score: 7.5 High
EPSS: < 1% Very Low
KEV: No
Impact: Integer Overflow in X25 packet processing
Action: Apply patch
AI Analysis

Impact

The bug, discovered in the Linux kernel's X25 networking subsystem, is an integer overflow that occurs when the kernel accumulates packet fragments. The missing bounds check on the x25_sock.fraglen field can cause the counter to wrap around, resulting in corrupted state and potentially unsafe memory handling. As a consequence, an attacker could force the kernel to misinterpret packet sizes or indices, leading to memory corruption or a denial of service.

Affected Systems

All versions of the Linux kernel that include the net/x25 module and have not yet incorporated the fix are affected. The vulnerability is present in the core kernel code and would impact any system running an unpatched kernel that enables or processes X25 traffic, irrespective of distribution vendor.

Risk and Exploitability

The CVSS score is 7.5, and the integer overflow can be triggered by sending crafted X25 packets over the network, so the attack vector is remote and does not require local privileges. The EPSS score of less than 1% indicates that the probability of exploitation is currently very low, and the vulnerability is not listed in CISA KEV. Nevertheless, the impact of a successful exploit could be severe, potentially causing kernel data corruption or a denial of service, so the overall risk remains significant until the patch is applied.

Generated by OpenCVE AI on April 28, 2026 at 16:27 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest kernel update that includes the commit fixing the x25 fraglen overflow
  • If a kernel upgrade is not immediately possible, restrict or block traffic on the X25 network interface to prevent exploitation
  • Monitor kernel logs for abnormal fragment handling or kernel panics related to X25
  • Consider disabling the X25 module entirely if the protocol is not required in your environment

Advisories
Source | ID | Title
Debian DLA | DLA-4561-1 | linux-6.1 security update
Debian DSA | DSA-6238-1 | linux security update
Debian DSA | DSA-6243-1 | linux security update
History

Mon, 27 Apr 2026 14:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}


Sat, 18 Apr 2026 09:15:00 +0000


Tue, 14 Apr 2026 00:15:00 +0000


Mon, 13 Apr 2026 13:45:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: net/x25: Fix overflow when accumulating packets Add a check to ensure that `x25_sock.fraglen` does not overflow. The `fraglen` also needs to be reset when purging `fragment_queue` in `x25_clear_queues()`.
Title net/x25: Fix overflow when accumulating packets
First Time appeared Linux
Linux linux Kernel
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel
MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-04-27T14:03:00.397Z

Reserved: 2026-03-09T15:48:24.087Z

Link: CVE-2026-31417

Vulnrichment

No data.

NVD

Status: Awaiting Analysis

Published: 2026-04-13T14:16:11.097

Modified: 2026-04-27T14:16:37.463

Link: CVE-2026-31417

Redhat

Severity:

Public Date: 2026-04-13T00:00:00Z

Links: CVE-2026-31417 - Bugzilla

OpenCVE Enrichment

Updated: 2026-04-28T16:30:35Z

Weaknesses