CVE-2026-31681

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> netfilter: xt_multiport: validate range encoding in checkentry<br /> <br /> ports_match_v1() treats any non-zero pflags entry as the start of a<br /> port range and unconditionally consumes the next ports[] element as<br /> the range end.<br /> <br /> The checkentry path currently validates protocol, flags and count, but<br /> it does not validate the range encoding itself. As a result, malformed<br /> rules can mark the last slot as a range start or place two range starts<br /> back to back, leaving ports_match_v1() to step past the last valid<br /> ports[] element while interpreting the rule.<br /> <br /> Reject malformed multiport v1 rules in checkentry by validating that<br /> each range start has a following element and that the following element<br /> is not itself marked as another range start.