Description
In the Linux kernel, the following vulnerability has been resolved:

net/x25: Fix overflow when accumulating packets

Add a check to ensure that `x25_sock.fraglen` does not overflow.

The `fraglen` also needs to be reset when purging `fragment_queue` in
`x25_clear_queues()`.
Published: 2026-04-13
Score: n/a
EPSS: < 1% Very Low
KEV: No
Impact: Integer Overflow in X25 packet processing
Action: Apply patch
AI Analysis

Impact

The bug, in the Linux kernel's X25 networking subsystem, is an integer overflow that occurs when the kernel accumulates packet fragments. Without a bounds check, the `x25_sock.fraglen` counter can wrap around, resulting in corrupted state and potentially unsafe memory handling. As a consequence, an attacker could force the kernel to misinterpret packet sizes or indices, leading to memory corruption or a denial of service.
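
The wrap described above and the two parts of the fix the description names (a bounds check before accumulating, a reset on purge), as an added user-space model that is not the kernel patch or kernel code. The struct, the function names, the 16-bit counter width and the 4096-byte fragment size are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
/* User-space model, hypothetical names; assumes a 16-bit byte counter. */
struct frag_state {
    uint16_t fraglen;     /* bytes held in the fragment queue */
    unsigned int nfrags;  /* stand-in for the queue itself */
};

/* Unchecked form: the total silently wraps modulo 65536. */
static void accumulate_unchecked(struct frag_state *s, unsigned int len)
{
    s->fraglen = (uint16_t)(s->fraglen + len);
    s->nfrags++;
}

/* Checked form: returns -1 and leaves state untouched if len does not fit. */
static int accumulate_checked(struct frag_state *s, unsigned int len)
{
    if (len > (unsigned int)UINT16_MAX - s->fraglen)
        return -1;
    s->fraglen = (uint16_t)(s->fraglen + len);
    s->nfrags++;
    return 0;
}

/* Purging the queue must also reset the byte count kept beside it. */
static void clear_queue(struct frag_state *s)
{
    s->nfrags = 0;
    s->fraglen = 0;
}

/* Constructed input: 17 fragments of 4096 bytes, 69632 bytes in total. */
static struct frag_state run(int checked)
{
    struct frag_state s;
    clear_queue(&s);
    for (int i = 0; i < 17; i++) {
        if (!checked) accumulate_unchecked(&s, 4096);
        else if (accumulate_checked(&s, 4096) < 0) break;
    }
    return s;
}

int main(void)
{
    struct frag_state u = run(0), c = run(1);
    printf("unchecked: %u fragments, fraglen=%u\n", u.nfrags, (unsigned)u.fraglen);
    printf("checked:   %u fragments, fraglen=%u\n", c.nfrags, (unsigned)c.fraglen);
}
```

In the unchecked run the counter ends far below the number of bytes actually queued, which is the inconsistent state the bounds check prevents.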

Affected Systems

All versions of the Linux kernel that include the net/x25 module and have not yet incorporated the fix are affected. The vulnerability is present in the core kernel code and would impact any system running an unpatched kernel that enables or processes X25 traffic, irrespective of distribution vendor.

Risk and Exploitability

The CVSS score is not supplied, but the integer overflow is a significant vulnerability that could be exploited by an attacker with the ability to send crafted X25 packets to the target machine. The required attack vector is network‑based, and the vulnerability does not require local privileges. With the EPSS score unavailable and the issue not listed in KEV, the overall risk remains high until the patch is applied.

Generated by OpenCVE AI on April 14, 2026 at 01:28 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest kernel update that includes the commit fixing the x25 fraglen overflow
  • If a kernel upgrade is not immediately possible, restrict or block traffic on the X25 network interface to prevent exploitation
  • Monitor kernel logs for abnormal fragment handling or kernel panics related to X25
  • Consider disabling the X25 module entirely if the protocol is not required in your environment

Advisories

No advisories yet.

History

Tue, 14 Apr 2026 00:15:00 +0000


Mon, 13 Apr 2026 13:45:00 +0000

Type | Values Removed | Values Added
Description | | In the Linux kernel, the following vulnerability has been resolved: net/x25: Fix overflow when accumulating packets Add a check to ensure that `x25_sock.fraglen` does not overflow. The `fraglen` also needs to be reset when purging `fragment_queue` in `x25_clear_queues()`.
Title | | net/x25: Fix overflow when accumulating packets
First Time appeared | | Linux; Linux linux Kernel
CPEs | | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products | | Linux; Linux linux Kernel
MITRE

Status: PUBLISHED

Assigner: Linux

Published:

Updated: 2026-04-13T13:21:04.638Z

Reserved: 2026-03-09T15:48:24.087Z

Link: CVE-2026-31417

Vulnrichment

No data.

NVD

Status: Awaiting Analysis

Published: 2026-04-13T14:16:11.097

Modified: 2026-04-13T15:01:43.663

Link: CVE-2026-31417

Redhat

Severity:

Public Date: 2026-04-13T00:00:00Z

Links: CVE-2026-31417 - Bugzilla

OpenCVE Enrichment

Updated: 2026-04-14T16:34:31Z

Weaknesses