CVE-2026-31418

medium Red Hat
EPSS Score
0.0%
Exploitation probability in 30 days
Top 97% most likely to be exploited
Published: April 13, 2026 (88 days ago)
Last Modified: April 13, 2026
Vendor: Red Hat
Source: REDHAT

Description

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: drop logically empty buckets in mtype_del mtype_del() counts empty slots below n->pos in k, but it only drops the bucket when both n->pos and k are zero. This misses buckets whose live entries have all been removed while n->pos still points past deleted slots. Treat a bucket as empty when all positions below n->pos are unused and release it directly instead of shrinking it further.

Affected Products

Red Hat Enterprise Linux 10Red Hat Enterprise Linux 6Red Hat Enterprise Linux 7Red Hat Enterprise Linux 8Red Hat Enterprise Linux 9

References