Description

In the Linux kernel, the following vulnerability has been resolved: rtnetlink: add missing netlink_ns_capable() check for peer netns rtnl_newlink() lacks a CAP_NET_ADMIN capability check on the peer network namespace when creating paired devices (veth, vxcan, netkit). This allows an unprivileged user with a user namespace to create interfaces in arbitrary network namespaces, including init_net. Add a netlink_ns_capable() check for CAP_NET_ADMIN in the peer namespace before allowing device creation to proceed.

INFO

Published Date :

2026-04-30T10:34:51.589Z

Last Modified :

2026-04-30T10:34:51.589Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2026-31692 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-31692.

URL Resource
https://git.kernel.org/stable/c/0975b64ffb34560042090a5986c3a02e6c80f36f cve-icon cve-icon
https://git.kernel.org/stable/c/7b735ef81286007794a227ce2539419479c02a5f cve-icon cve-icon
https://git.kernel.org/stable/c/d04cc16d3624218a5458b2b664ae431f1b3b334d cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2026043054-CVE-2026-31692-5f89@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2026-31692 cve-icon
https://www.cve.org/CVERecord?id=CVE-2026-31692 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact