CVE-2026-31752 · threatengine.sh

Home/CVE/In the Linux kernel, the following vulnerability has been resolved: bridge: br_nd_send: validate ND option lengths br_

CVE

CVE-2026-31752

In the Linux kernel, the following vulnerability has been resolved: bridge: br_nd_send: validate ND option lengths br_

In the Linux kernel, the following vulnerability has been resolved: bridge: br_nd_send: validate ND option lengths br_nd_send() walks ND options according to option-provided lengths. A malformed option can make the parser advance beyond the computed option span or use a too-short source LLADDR option payload. Validate option lengths against the remaining NS option area before advancing, and only read source LLADDR when the option is large enough for an Ethernet address.

MEDIUM · CVSS 5.5 EPSS 0.00015

Monitor

No active-exploitation, high-EPSS, or public-exploit signals - routine patching cadence

Sigma rules0 YARA rules0

▤

Affected Products & Versions

8

linux kernel>= 4.15 and < 5.10.253
linux kernel>= 5.11 and < 5.15.203
linux kernel>= 5.16 and < 6.1.168
linux kernel>= 6.2 and < 6.6.134
linux kernel>= 6.7 and < 6.12.81
linux kernel>= 6.13 and < 6.18.22
linux kernel>= 6.19 and < 6.19.12
linux kernelall versions

▣

Scoring & Timeline

5.5

MEDIUM · CVSS v3.1 · 416baaa9-dc9f-4396-8d5f-8c081fb06d67

View on NVD

Attack Vector

Network Adjacent Local Physical

Attack Complexity

Low High

Privileges Required

None Low High

User Interaction

None Required

Scope

Unchanged Changed

Confidentiality

None Low High

Integrity

None Low High

Availability

None Low High

Published to NVD01 May 2026 · 03:16 PM

CVSS VectorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

🔗

References & Sources

8

Source URLs (vendor pages, mailing lists, write-ups). Exploit/PoC links are in their own section above to avoid duplication.

https://git.kernel.org/stable/c/259466f76f5a2148aff11134e68f4b4c6d52725bPatch

https://git.kernel.org/stable/c/82a42eceec7c6bdb0e0da94c0542a173b7ea57f2Patch

https://git.kernel.org/stable/c/837392a38445729c22e03d3abcf33f07763efd85Patch

https://git.kernel.org/stable/c/850837965af15707fd3142c1cf3c5bfaf022299bPatch

https://git.kernel.org/stable/c/c49b9256bbacb6a135654aebd12e4c0e87166b7cPatch

https://git.kernel.org/stable/c/e0bfd6d4dc77ab345b6c65eef0cfe9b2f69085aaPatch

Show all 8 references

https://git.kernel.org/stable/c/e71303a9190496136e240c4f2872b7b0b16027a7Patch

https://git.kernel.org/stable/c/ee02d8991fd7bd86ed6ebd0deb4aab53feb0e43aPatch

Intelligence Graph · click any node to traverse

CVETechnique ActorTool Family

drag to reposition · click any node to traverse · button top-right enlarges

External lookups - second-class, for what we don’t hold ourselves

NVD CVE.org CISA Vulners Exploit-DB GitHub PoC VulnCheck KEV GreyNoise

Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities

Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs

Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures

Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1

About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service

threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin