What is CVE-2026-31665?

CVE-2026-31665 is a high-severity vulnerability in Linux. CVSS score: 7.8/10. Published 2026-04-24.

How severe is CVE-2026-31665?

High severity. CVSS v3 base score is 7.8 out of 10.

Vulnerability in Linux

CVE-2026-31665

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_ct: fix use-after-free in timeout object destroy nft_ct_timeout_obj_destroy() frees the timeout object with kfree() immediately after nf_ct_untimeout(), w…

EPSS: 0.000 (3.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.8 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.

Affected products

Linux — versions 7e0b2b57f01d183e1c84114f1f2287737358d748, 4.19, 0

References

git.kernel.org/stable/c/c458fc1c278a65ad5381083121d39a479973ebed
git.kernel.org/stable/c/c581e5c8f2b59158f62efe61c1a3dc36189081ff
git.kernel.org/stable/c/f16fe84879a5280f05ebbcea593a189ba0f3e79a
git.kernel.org/stable/c/070abdf1b04325b21a20a2a0c39a2208af107275
git.kernel.org/stable/c/aa7cfa16f98f8ec3e6d47c34e1a8c1ae4b9b8b77
git.kernel.org/stable/c/b42aca3660dc2627a29a38131597ca610dc451f9
git.kernel.org/stable/c/d0983b48c10d1509fd795c155f8b1e832e1369ff
git.kernel.org/stable/c/f8dca15a1b190787bbd03285304b569631160eda

Frequently asked questions

What is CVE-2026-31665?: CVE-2026-31665 is a high-severity vulnerability in Linux. CVSS score: 7.8/10. Published 2026-04-24.
How severe is CVE-2026-31665?: High severity. CVSS v3 base score is 7.8 out of 10.