What is CVE-2026-31669?

CVE-2026-31669 is a critical-severity vulnerability in Linux. CVSS score: 9.8/10. Published 2026-04-24.

How severe is CVE-2026-31669?

Critical severity. CVSS v3 base score is 9.8 out of 10.

Vulnerability in Linux

CVE-2026-31669

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix slab-use-after-free in __inet_lookup_established The ehash table lookups are lockless and rely on SLAB_TYPESAFE_BY_RCU to guarantee socket memory stability du…

EPSS: 0.001 (26.7th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.8 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

Linux — versions b19bc2945b40b9fd38e835700907ffe8534ef0de, 5.12, 0

References

git.kernel.org/stable/c/f6e1f25fa5e733570f6d6fe37a4dfed2a0deba47
git.kernel.org/stable/c/fb1f54b7d16f393b8b65d328410f78b4beea8fcc
git.kernel.org/stable/c/3fd6547f5b8ac99687be6d937a0321efda760597
git.kernel.org/stable/c/eb9c6aeb512f877cf397deb1e4526f646c70e4a7
git.kernel.org/stable/c/15fa9ead4d5e6b6b9c794e84144146c917f2cb62
git.kernel.org/stable/c/b313e9037d98c13938740e5ebda7852929366dff
git.kernel.org/stable/c/9b55b253907e7431210483519c5ad711a37dafa1

Frequently asked questions

What is CVE-2026-31669?: CVE-2026-31669 is a critical-severity vulnerability in Linux. CVSS score: 9.8/10. Published 2026-04-24.
How severe is CVE-2026-31669?: Critical severity. CVSS v3 base score is 9.8 out of 10.