Linux Kernel nfnetlink_log: Netlink Header Size Fix
CVE-2026-31416 Published on April 13, 2026
netfilter: nfnetlink_log: account for netlink header size
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nfnetlink_log: account for netlink header size
This is a followup to an old bug fix: NLMSG_DONE needs to account
for the netlink header size, not just the attribute size.
This can result in a WARN splat + drop of the netlink message,
but other than this there are no ill effects.
Products Associated with CVE-2026-31416
Want to know whenever a new CVE is published for Linux Kernel? stack.watch will email you.
Affected Versions
Linux:- Version 9dfa1dfe4d5e5e66a991321ab08afe69759d797a and below 4ec216410fac9de83c99177a160ebb8d42fad075 is affected.
- Version 9dfa1dfe4d5e5e66a991321ab08afe69759d797a and below 09883bf257f4243ed5a1fd35078ec6f0d0f3696a is affected.
- Version 9dfa1dfe4d5e5e66a991321ab08afe69759d797a and below 761b45c661af48da6a065868d59ab1e1f64fd9b6 is affected.
- Version 9dfa1dfe4d5e5e66a991321ab08afe69759d797a and below 607245c4dbb86d9a10dd8388da0fb82170a99b61 is affected.
- Version 9dfa1dfe4d5e5e66a991321ab08afe69759d797a and below 6b419700e459fbf707ca1543b7c1b57a60fedb73 is affected.
- Version 9dfa1dfe4d5e5e66a991321ab08afe69759d797a and below 88a8f56e6276f616baad4274c6b8e4683e26e520 is affected.
- Version 9dfa1dfe4d5e5e66a991321ab08afe69759d797a and below f08ffa3e1c8e36b6131f69c5eb23700c28cbd262 is affected.
- Version 9dfa1dfe4d5e5e66a991321ab08afe69759d797a and below 6d52a4a0520a6696bdde51caa11f2d6821cd0c01 is affected.
- Version 3a758a2b78da2f49f7165678faf999e946a0c4b5 is affected.
- Version 131172845aa2c804ffa9423455aee585061ea35e is affected.
- Version b1fef6b81871a396f3b8702077333e769673c87b is affected.
- Version add9183d993c12fb61ce0a674a424341d5be5b36 is affected.
- Version 3.18 is affected.
- Before 3.18 is unaffected.
- Version 5.10.253, <= 5.10.* is unaffected.
- Version 5.15.203, <= 5.15.* is unaffected.
- Version 6.1.168, <= 6.1.* is unaffected.
- Version 6.6.134, <= 6.6.* is unaffected.
- Version 6.12.81, <= 6.12.* is unaffected.
- Version 6.18.22, <= 6.18.* is unaffected.
- Version 6.19.12, <= 6.19.* is unaffected.
- Version 7.0, <= * is unaffected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.