Linux Kernel rNetlink: Missing CAP_NET_ADMIN Check Enables Creating In Any NetNS
CVE-2026-31692 Published on April 30, 2026
rtnetlink: add missing netlink_ns_capable() check for peer netns
In the Linux kernel, the following vulnerability has been resolved:
rtnetlink: add missing netlink_ns_capable() check for peer netns
rtnl_newlink() lacks a CAP_NET_ADMIN capability check on the peer
network namespace when creating paired devices (veth, vxcan,
netkit). This allows an unprivileged user with a user namespace
to create interfaces in arbitrary network namespaces, including
init_net.
Add a netlink_ns_capable() check for CAP_NET_ADMIN in the peer
namespace before allowing device creation to proceed.
Products Associated with CVE-2026-31692
Want to know whenever a new CVE is published for Linux Kernel? stack.watch will email you.
Affected Versions
Linux:- Version 81adee47dfb608df3ad0b91d230fb3cef75f0060 and below 0975b64ffb34560042090a5986c3a02e6c80f36f is affected.
- Version 81adee47dfb608df3ad0b91d230fb3cef75f0060 and below d04cc16d3624218a5458b2b664ae431f1b3b334d is affected.
- Version 81adee47dfb608df3ad0b91d230fb3cef75f0060 and below 7b735ef81286007794a227ce2539419479c02a5f is affected.
- Version 2.6.33 is affected.
- Before 2.6.33 is unaffected.
- Version 6.18.24, <= 6.18.* is unaffected.
- Version 6.19.14, <= 6.19.* is unaffected.
- Version 7.0, <= * is unaffected.