CVE-2026-31616 | Linux Kernel up to 6.12.82/6.18.23/6.19.13/7.0.0 usb pn_rx_complete frags[] heap-based overflow

Inserito da Angelo Barbosa | Apr 24, 2026 | CVE

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.12.82/6.18.23/6.19.13/7.0.0. This vulnerability affects the function pn_rx_complete of the component usb. This manipulation of the argument frags[] causes heap-based buffer overflow.

This vulnerability is registered as CVE-2026-31616. The attack requires access to the local network. No exploit is available.

It is advisable to upgrade the affected component.

CVE-2026-31616 | Linux Kernel up to 6.12.82/6.18.23/6.19.13/7.0.0 usb pn_rx_complete frags[] heap-based overflow

Post correlati

CVE-2025-0412 | Luxion KeyShot Viewer 12.1.1.11 KSP File Parser memory corruption (ZDI-23-1716)

CVE-2026-23006 | Linux Kernel up to 6.12.66/6.18.6/6.19-rc5 ASoC snd_soc_component null pointer dereference

CVE-2025-12427 | YITH WooCommerce Wishlist Plugin up to 4.10.0 on WordPress REST API Endpoint resource injection

CVE-2024-23228 | Apple iOS/iPadOS up to 17.2 Locked Notes state issue