CVE-2026-31752
bridge: br_nd_send: validate ND option lengths
Description
In the Linux kernel, the following vulnerability has been resolved: bridge: br_nd_send: validate ND option lengths br_nd_send() walks ND options according to option-provided lengths. A malformed option can make the parser advance beyond the computed option span or use a too-short source LLADDR option payload. Validate option lengths against the remaining NS option area before advancing, and only read source LLADDR when the option is large enough for an Ethernet address.
INFO
Published Date :
May 1, 2026, 3:16 p.m.
Last Modified :
May 1, 2026, 3:24 p.m.
Remotely Exploit :
No
Source :
416baaa9-dc9f-4396-8d5f-8c081fb06d67
Affected Products
The following products are affected by CVE-2026-31752
vulnerability.
Even if cvefeed.io is aware of the exact versions of the
products
that
are
affected, the information is not represented in the table below.
No affected product recoded yet
Solution
- Update the Linux kernel to the latest version.
- Validate ND option lengths in the bridge module.
- Ensure LLADDR is read only when option is large enough.
- Apply provided patches for kernel vulnerability.
References to Advisories, Solutions, and Tools
Here, you will find a curated list of external links that provide in-depth
information, practical solutions, and valuable tools related to
CVE-2026-31752.
CWE - Common Weakness Enumeration
While CVE identifies
specific instances of vulnerabilities, CWE categorizes the common flaws or
weaknesses that can lead to vulnerabilities. CVE-2026-31752 is
associated with the following CWEs:
Common Attack Pattern Enumeration and Classification (CAPEC)
Common Attack Pattern Enumeration and Classification
(CAPEC)
stores attack patterns, which are descriptions of the common attributes and
approaches employed by adversaries to exploit the CVE-2026-31752
weaknesses.
We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).
Results are limited to the first 15 repositories due to potential performance issues.
The following list is the news that have been mention
CVE-2026-31752 vulnerability anywhere in the article.
The following table lists the changes that have been made to the
CVE-2026-31752 vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
-
New CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67
May. 01, 2026
Action Type Old Value New Value Added Description In the Linux kernel, the following vulnerability has been resolved: bridge: br_nd_send: validate ND option lengths br_nd_send() walks ND options according to option-provided lengths. A malformed option can make the parser advance beyond the computed option span or use a too-short source LLADDR option payload. Validate option lengths against the remaining NS option area before advancing, and only read source LLADDR when the option is large enough for an Ethernet address. Added Reference https://git.kernel.org/stable/c/259466f76f5a2148aff11134e68f4b4c6d52725b Added Reference https://git.kernel.org/stable/c/82a42eceec7c6bdb0e0da94c0542a173b7ea57f2 Added Reference https://git.kernel.org/stable/c/837392a38445729c22e03d3abcf33f07763efd85 Added Reference https://git.kernel.org/stable/c/850837965af15707fd3142c1cf3c5bfaf022299b Added Reference https://git.kernel.org/stable/c/c49b9256bbacb6a135654aebd12e4c0e87166b7c Added Reference https://git.kernel.org/stable/c/e0bfd6d4dc77ab345b6c65eef0cfe9b2f69085aa Added Reference https://git.kernel.org/stable/c/e71303a9190496136e240c4f2872b7b0b16027a7 Added Reference https://git.kernel.org/stable/c/ee02d8991fd7bd86ed6ebd0deb4aab53feb0e43a