Home / Vulnerability Intelligence / CVE-2026-31413

CVE-2026-31413 - Vulnerability Analysis

N/a

Last Updated: April 12, 2026

Linux Kernel - Logic Error in BPF_OR Leading to Out-of-Bounds Access

Published: April 12, 2026Updated: April 12, 2026PoC Available

Overview

Linux kernel contains a logic error in BPF_OR handling in maybe_fork_scalars() causing verifier/runtime divergence, letting attackers exploit out-of-bounds map access, exploit requires crafted BPF programs.

Severity & Score

Severity: N/a

Impact

Attackers can exploit verifier/runtime divergence to perform out-of-bounds map access, potentially leading to memory corruption or privilege escalation.

Mitigation

Update to the latest Linux kernel version containing the fix.

References

https://git.kernel.org/stable/c/58bd87d0e69204dbd739e4387a1edb0c4b1644e7
https://git.kernel.org/stable/c/c845894ebd6fb43226b3118d6b017942550910c5
https://git.kernel.org/stable/c/d13281ae7ea8902b21d99d10a2c8caf0bdec0455
https://git.kernel.org/stable/c/342aa1ee995ef5bbf876096dc3a5e51218d76fa4

Related Resources

Vulnerability Intelligence Dashboard
Credential Scanner

Details

CVE ID: CVE-2026-31413
Severity: N/a
Type: undefined
Status: new

CVSS Metrics

N/A