CVE-2026-31420

medium Red Hat
Published: April 13, 2026
Last Modified: April 13, 2026
Vendor: Red Hat
Source: REDHAT

Description

A flaw was found in the Linux kernel's bridge subsystem, specifically within the Multiple Registration Protocol (MRP) implementation. A local user can exploit this vulnerability by supplying a zero-value test interval through the netlink interface, which accepts it without proper validation. This invalid input causes a delayed work item to repeatedly reschedule itself with no delay, leading to rapid allocation and transmission of MRP test frames. This exhausts all available system memory, resulting in an Out-Of-Memory (OOM) deadlock and a kernel panic, which amounts to a Denial of Service (DoS).
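
The failure mode described above, as an added user-space model that is not kernel code or Red Hat's fix: a self-rescheduling work item whose re-arm delay comes from unchecked input, next to the same path with a zero-interval check in front of it. All function names and the constants (frame size, memory budget, drain rate) are constructed for illustration.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical model: names and constants are illustrative, not the kernel's. */
#define FRAME_BYTES 64            /* constructed size of one test frame */
#define MEM_BUDGET  (64 * 1024)   /* constructed memory limit for the model */
#define DRAIN_US    10u           /* one queued frame is freed per 10 us */

/* Input check at the configuration boundary: a zero interval would make
 * the periodic work re-arm itself with no delay, so it is rejected. */
int validate_test_interval(uint32_t interval_us)
{
    return interval_us == 0 ? -EINVAL : 0;
}

/* Self-rescheduling work over window_us of virtual time. Each run queues
 * one frame; frames are freed only as virtual time advances.
 * Returns peak queued bytes, or -ENOMEM once the budget is exceeded. */
long simulate_test_work(uint32_t interval_us, uint32_t window_us)
{
    uint64_t now = 0, last_drain = 0;
    long queued = 0, peak = 0;
    while (now <= window_us) {
        queued += FRAME_BYTES;             /* allocate and enqueue a frame */
        if (queued > peak) peak = queued;
        if (queued > MEM_BUDGET)
            return -ENOMEM;                /* model of memory exhaustion */
        now += interval_us;                /* re-arm: 0 means time never advances */
        while (now - last_drain >= DRAIN_US && queued > 0) {
            queued -= FRAME_BYTES;         /* transmit done, frame freed */
            last_drain += DRAIN_US;
        }
    }
    return peak;
}

/* Configuration path with the check placed before the work is armed. */
long start_test_checked(uint32_t interval_us, uint32_t window_us)
{
    int err = validate_test_interval(interval_us);
    return err ? err : simulate_test_work(interval_us, window_us);
}

int main(void)
{
    printf("unchecked, 0 us:     %ld\n", simulate_test_work(0, 1000000));
    printf("checked,   0 us:     %ld\n", start_test_checked(0, 1000000));
    printf("checked,   20000 us: %ld\n", start_test_checked(20000, 1000000));
    return 0;
}
```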

CWE

CWE-606

Affected Products

Red Hat Enterprise Linux 10
Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 7
Red Hat Enterprise Linux 8
Red Hat Enterprise Linux 9

References