Description

In the Linux kernel, the following vulnerability has been resolved: xfrm_user: fix info leak in build_report() struct xfrm_user_report is a __u8 proto field followed by a struct xfrm_selector which means there is three "empty" bytes of padding, but the padding is never zeroed before copying to userspace. Fix that up by zeroing the structure before setting individual member variables.

INFO

Published Date :

2026-04-24T14:45:18.669Z

Last Modified :

2026-04-25T05:48:30.115Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2026-31671 vulnerability.

Vendors Products
Linux
  • Linux Kernel

CVSS Vulnerability Scoring System