CVE-2026-31649 - Vulnerability Analysis
CriticalCVSS: 9.8Last Updated: April 27, 2026
Linux Kernel net: stmmac - Integer Overflow
Overview
Linux kernel net: stmmac contains an integer underflow caused by incorrect length calculation in jumbo_frm chain mode, letting attackers cause kernel memory disclosure and potential corruption, exploit requires crafted network packets.
Severity & Score
Impact
Attackers can cause kernel memory disclosure and potential memory corruption, risking system stability and data confidentiality.
Mitigation
Update to the latest Linux kernel version containing the fix for this integer underflow in stmmac chain mode.
References
- https://git.kernel.org/stable/c/51f4e090b9f87b40c21b6daadb5c06e6c0a07b67
- https://git.kernel.org/stable/c/6fca757c20396dc2e604dcc61922264e9e3dc803
- https://git.kernel.org/stable/c/a2b68a9a476b9544ff31f1fbcd5d80867a8a5e2f
- https://git.kernel.org/stable/c/b7b8012193fd98236d7ae05d4b553f010a77b2ef
- https://git.kernel.org/stable/c/10d12b9240ebf96c785f0e2e4228318cd5f3a3eb
- https://git.kernel.org/stable/c/275bdf762e82082f064e60a92448fa2ac43cf95b
- https://git.kernel.org/stable/c/2c91b39912278d0878f9ba60ba04d2518b18a08d
- https://git.kernel.org/stable/c/513e06735f5be575b409d195822195348b164e48
Social Media Activity(1 post)
š“ CVE-2026-31649 - Critical (9.8) In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix integer underflow in chain mode The jumbo_frm() chain-mode implementation unconditionally computes len = nopaged_len - bmax; where nopaged_len = skb_headl... š https://www.thehackerwire.com/vulnerability/CVE-2026-31649/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original postRelated Resources
Details
- CVE ID
- CVE-2026-31649
- Severity
- Critical
- CVSS Score
- 9.8
- Type
- integer_overflow
- Status
- unconfirmed
- EPSS
- 5.3%
- Social Posts
- 1
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H