CVE-2026-31752

EUVD-2026-26565

01.05.2026, 15:16

In the Linux kernel, the following vulnerability has been resolved:

bridge: br_nd_send: validate ND option lengths

br_nd_send() walks ND options according to option-provided lengths.
A malformed option can make the parser advance beyond the computed
option span or use a too-short source LLADDR option payload.

Validate option lengths against the remaining NS option area before
advancing, and only read source LLADDR when the option is large enough
for an Ethernet address.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	5.5 MEDIUM	LOCAL	LOW	LOW	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 2%

Affected Products (NVD)

Vendor	Product	Version
linux	linux_kernel	4.15 ≤ 𝑥 < 5.10.253
linux	linux_kernel	5.11 ≤ 𝑥 < 5.15.203
linux	linux_kernel	5.16 ≤ 𝑥 < 6.1.168
linux	linux_kernel	6.2 ≤ 𝑥 < 6.6.134
linux	linux_kernel	6.7 ≤ 𝑥 < 6.12.81
linux	linux_kernel	6.13 ≤ 𝑥 < 6.18.22
linux	linux_kernel	6.19 ≤ 𝑥 < 6.19.12
linux	linux_kernel	7.0:rc1
linux	linux_kernel	7.0:rc2
linux	linux_kernel	7.0:rc3
linux	linux_kernel	7.0:rc4
linux	linux_kernel	7.0:rc5
linux	linux_kernel	7.0:rc6

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

linux

bookworm	6.1.170-3 fixed
bookworm (security)	6.1.174-1 fixed
bullseye	vulnerable
bullseye (security)	5.10.257-1 fixed
forky	7.0.10-1 fixed
sid	7.0.12-2 fixed
trixie	6.12.86-1 fixed
trixie (security)	6.12.90-2 fixed

linux-6.1

bullseye (security)

6.1.174-1~deb11u1

fixed

Amazon Linux Releases

Amazon Package

Release

bpftool

Amazon Linux 2023

1:6.1.168-202.320.amzn2023

fixed

bpftool-debuginfo

Amazon Linux 2023

1:6.1.168-202.320.amzn2023

fixed

bpftool6.12

Amazon Linux 2023

1:6.12.83-113.160.amzn2023

fixed

bpftool6.12-debuginfo

Amazon Linux 2023

1:6.12.83-113.160.amzn2023

fixed

bpftool6.18

Amazon Linux 2023

1:6.18.25-52.107.amzn2023

fixed

bpftool6.18-debuginfo

Amazon Linux 2023

1:6.18.25-52.107.amzn2023

fixed

kernel

Amazon Linux 2023

1:6.1.168-202.320.amzn2023

fixed

kernel-debuginfo

Amazon Linux 2023

1:6.1.168-202.320.amzn2023

fixed

kernel-debuginfo-common-aarch64

Amazon Linux 2023

1:6.1.168-202.320.amzn2023

fixed

kernel-debuginfo-common-x86_64

Amazon Linux 2023

1:6.1.168-202.320.amzn2023

fixed

kernel-devel

Amazon Linux 2023

1:6.1.168-202.320.amzn2023

fixed

kernel-headers

Amazon Linux 2023

1:6.1.168-202.320.amzn2023

fixed

kernel-libbpf

Amazon Linux 2023

1:6.1.168-202.320.amzn2023

fixed

kernel-libbpf-debuginfo

Amazon Linux 2023

1:6.1.168-202.320.amzn2023

fixed

kernel-libbpf-devel

Amazon Linux 2023

1:6.1.168-202.320.amzn2023

fixed

kernel-libbpf-static

Amazon Linux 2023

1:6.1.168-202.320.amzn2023

fixed

kernel-livepatch-6.1.168-202.320

Amazon Linux 2023

1:1.0-0.amzn2023

fixed

kernel-livepatch-6.12.83-113.160

Amazon Linux 2023

1:1.0-0.amzn2023

fixed

kernel-livepatch-6.18.25-52.107

Amazon Linux 2023

1:1.0-0.amzn2023

fixed

kernel-modules-extra

Amazon Linux 2023

1:6.1.168-202.320.amzn2023

fixed

kernel-modules-extra-common

Amazon Linux 2023

1:6.1.168-202.320.amzn2023

fixed

kernel-tools

Amazon Linux 2023

1:6.1.168-202.320.amzn2023

fixed

kernel-tools-debuginfo

Amazon Linux 2023

1:6.1.168-202.320.amzn2023

fixed

kernel-tools-devel

Amazon Linux 2023

1:6.1.168-202.320.amzn2023

fixed

kernel6.12

Amazon Linux 2023

1:6.12.83-113.160.amzn2023

fixed

kernel6.12-debuginfo

Amazon Linux 2023

1:6.12.83-113.160.amzn2023

fixed

kernel6.12-debuginfo-common-aarch64

Amazon Linux 2023

1:6.12.83-113.160.amzn2023

fixed

kernel6.12-debuginfo-common-x86_64

Amazon Linux 2023

1:6.12.83-113.160.amzn2023

fixed

kernel6.12-devel

Amazon Linux 2023

1:6.12.83-113.160.amzn2023

fixed

kernel6.12-headers

Amazon Linux 2023

1:6.12.83-113.160.amzn2023

fixed

kernel6.12-modules-extra

Amazon Linux 2023

1:6.12.83-113.160.amzn2023

fixed

kernel6.12-modules-extra-common

Amazon Linux 2023

1:6.12.83-113.160.amzn2023

fixed

kernel6.12-tools

Amazon Linux 2023

1:6.12.83-113.160.amzn2023

fixed

kernel6.12-tools-debuginfo

Amazon Linux 2023

1:6.12.83-113.160.amzn2023

fixed

kernel6.12-tools-devel

Amazon Linux 2023

1:6.12.83-113.160.amzn2023

fixed

kernel6.18

Amazon Linux 2023

1:6.18.25-52.107.amzn2023

fixed

kernel6.18-debuginfo

Amazon Linux 2023

1:6.18.25-52.107.amzn2023

fixed

kernel6.18-debuginfo-common-aarch64

Amazon Linux 2023

1:6.18.25-52.107.amzn2023

fixed

kernel6.18-debuginfo-common-x86_64

Amazon Linux 2023

1:6.18.25-52.107.amzn2023

fixed

kernel6.18-devel

Amazon Linux 2023

1:6.18.25-52.107.amzn2023

fixed

kernel6.18-headers

Amazon Linux 2023

1:6.18.25-52.107.amzn2023

fixed

kernel6.18-modules-extra

Amazon Linux 2023

1:6.18.25-52.107.amzn2023

fixed

kernel6.18-modules-extra-common

Amazon Linux 2023

1:6.18.25-52.107.amzn2023

fixed

kernel6.18-tools

Amazon Linux 2023

1:6.18.25-52.107.amzn2023

fixed

kernel6.18-tools-debuginfo

Amazon Linux 2023

1:6.18.25-52.107.amzn2023

fixed

kernel6.18-tools-devel

Amazon Linux 2023

1:6.18.25-52.107.amzn2023

fixed

perf

Amazon Linux 2023

1:6.1.168-202.320.amzn2023

fixed

perf-debuginfo

Amazon Linux 2023

1:6.1.168-202.320.amzn2023

fixed

perf6.12

Amazon Linux 2023

1:6.12.83-113.160.amzn2023

fixed

perf6.12-debuginfo

Amazon Linux 2023

1:6.12.83-113.160.amzn2023

fixed

perf6.18

Amazon Linux 2023

1:6.18.25-52.107.amzn2023

fixed

perf6.18-debuginfo

Amazon Linux 2023

1:6.18.25-52.107.amzn2023

fixed

python3-perf

Amazon Linux 2023

1:6.1.168-202.320.amzn2023

fixed

python3-perf-debuginfo

Amazon Linux 2023

1:6.1.168-202.320.amzn2023

fixed

python3-perf6.12

Amazon Linux 2023

1:6.12.83-113.160.amzn2023

fixed

python3-perf6.12-debuginfo

Amazon Linux 2023

1:6.12.83-113.160.amzn2023

fixed

python3-perf6.18

Amazon Linux 2023

1:6.18.25-52.107.amzn2023

fixed

python3-perf6.18-debuginfo

Amazon Linux 2023

1:6.18.25-52.107.amzn2023

fixed

Vulnerability Media Exposure

[GERMAN] Linux Kernel: Mehrere Schwachstellen
Ein entfernter Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um Sicherheitsmechanismen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen oder Auswirkungen unbestimmter Art zu erzielen.
Published: 2026-05-03T22:00:00+00:00

References

https://git.kernel.org/stable/c/259466f76f5a2148aff11134e68f4b4c6d52725b

https://git.kernel.org/stable/c/82a42eceec7c6bdb0e0da94c0542a173b7ea57f2

https://git.kernel.org/stable/c/837392a38445729c22e03d3abcf33f07763efd85

https://git.kernel.org/stable/c/850837965af15707fd3142c1cf3c5bfaf022299b

https://git.kernel.org/stable/c/c49b9256bbacb6a135654aebd12e4c0e87166b7c

https://git.kernel.org/stable/c/e0bfd6d4dc77ab345b6c65eef0cfe9b2f69085aa

https://git.kernel.org/stable/c/e71303a9190496136e240c4f2872b7b0b16027a7

https://git.kernel.org/stable/c/ee02d8991fd7bd86ed6ebd0deb4aab53feb0e43a