CVE-2026-31616 | Linux Kernel up to 6.12.82/6.18.23/6.19.13/7.0.0 usb pn_rx_complete frags[] heap-based overflow (EUVD-2026-25509 / Nessus ID 310283)
A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.12.82/6.18.23/6.19.13/7.0.0. This vulnerability affects the function pn_rx_complete of the component usb. This manipulation of the argument frags[] causes heap-based buffer overflow.
This vulnerability is registered as CVE-2026-31616. The attack requires access to the local network. No exploit is available.
It is advisable to upgrade the affected component.