CVE-2026-31472

medium Red Hat
Published: April 22, 2026
Last Modified: April 22, 2026
Vendor: Red Hat
Source: REDHAT

Description

A flaw was found in the Linux kernel, specifically within the xfrm and iptfs components. A remote attacker could exploit this vulnerability by sending a specially crafted Encapsulating Security Payload (ESP) packet. This packet, containing an inner IPv4 header with a total length (tot_len) of zero or malformed Internet Header Length (ihl) values, could trigger an infinite loop in the kernel's processing. This issue results in a Denial of Service (DoS), rendering the affected system unresponsive.
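The failure mode described above, as an added C example (not the kernel's code or the upstream fix): a loop that walks back-to-back inner IPv4 packets must advance by a validated length on every iteration, otherwise a tot_len of zero leaves the offset unchanged. The function names and sample buffers are hypothetical, and the example assumes each inner packet is complete within the buffer.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#define IPV4_MIN_HDR 20u

/* Hypothetical helper (not kernel code): length to advance past the inner
 * IPv4 packet at p, or 0 if the header cannot be trusted. */
static size_t inner_ipv4_len(const uint8_t *p, size_t remaining)
{
    if (remaining < IPV4_MIN_HDR || (p[0] >> 4) != 4)
        return 0;
    size_t hdr_len = (size_t)(p[0] & 0x0f) * 4;  /* ihl counts 32-bit words */
    size_t tot_len = ((size_t)p[2] << 8) | p[3]; /* network byte order */
    if (hdr_len < IPV4_MIN_HDR)   /* ihl below 5 */
        return 0;
    if (tot_len < hdr_len)        /* includes tot_len == 0 */
        return 0;
    if (tot_len > remaining)      /* assumption: no fragment continuation */
        return 0;
    return tot_len;
}

/* Walk back-to-back inner packets; returns the count, or -1 on a bad header.
 * Every accepted step is >= 20 bytes, so the loop always terminates. */
int count_inner_packets(const uint8_t *buf, size_t len)
{
    size_t off = 0;
    int n = 0;
    while (off < len) {
        size_t step = inner_ipv4_len(buf + off, len - off);
        if (step == 0)
            return -1;  /* drop instead of looping with off unchanged */
        off += step;
        n++;
    }
    return n;
}

/* Constructed sample payloads, not captured traffic. */
const uint8_t sample_ok[48]   = { [0] = 0x45, [3] = 20, [20] = 0x45, [23] = 28 };
const uint8_t sample_zero[40] = { [0] = 0x45, [3] = 20, [20] = 0x45 }; /* 2nd tot_len = 0 */
const uint8_t sample_ihl[20]  = { [0] = 0x42, [3] = 20 };              /* ihl = 2 */

int main(void)
{
    printf("%d %d %d\n", count_inner_packets(sample_ok, sizeof sample_ok),
           count_inner_packets(sample_zero, sizeof sample_zero),
           count_inner_packets(sample_ihl, sizeof sample_ihl));
}
```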

CWE

CWE-606

Affected Products

Red Hat Enterprise Linux 10
Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 7
Red Hat Enterprise Linux 8
Red Hat Enterprise Linux 9
