CVE-2026-31671
Gravedad:
Pendiente de análisis
Tipo:
No Disponible / Otro tipo
Fecha de publicación:
24/04/2026
Última modificación:
24/04/2026
Descripción
*** Pendiente de traducción *** In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
xfrm_user: fix info leak in build_report()<br />
<br />
struct xfrm_user_report is a __u8 proto field followed by a struct<br />
xfrm_selector which means there is three "empty" bytes of padding, but<br />
the padding is never zeroed before copying to userspace. Fix that up by<br />
zeroing the structure before setting individual member variables.
Impacto
Referencias a soluciones, herramientas e información
- https://git.kernel.org/stable/c/0616314b3b34f24cbb91da8c6bd8bcdc4c8592f9
- https://git.kernel.org/stable/c/0a30dceb0e1f0c480d2482e6d7cebf8aebb6eb72
- https://git.kernel.org/stable/c/6c55714c931051cd7f4839c19ce0867179fd22fe
- https://git.kernel.org/stable/c/716c546e88cfe49d841658240e10cb57bc50a2cc
- https://git.kernel.org/stable/c/d10119968d0e1f2b669604baf2a8b5fdb72fa6b4
- https://git.kernel.org/stable/c/d27c02eec529f78055a46a5c9e6c62684382b2d8
- https://git.kernel.org/stable/c/e0c8542c3d097ed4205ded51868195d5d6ddac62
- https://git.kernel.org/stable/c/ff5ee507302303b15859753c3e0d67d38fd12c88