CVE-2026-31418

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: drop logically empty buckets in mtype_del mtype_del() counts empty slots below n->pos in k, but it only drops the bucket when both n->pos and k are zero. This misses buckets whose live entries have all been removed while n->pos still points past deleted slots. Treat a bucket as empty when all positions below n->pos are unused and release it directly instead of shrinking it further.

Published: 4/13/2026Modified: 4/18/2026

Related Intelligence (1)

CRITICALZero Day

Patch Tuesday - April 2026

Microsoft is publishing 167 vulnerabilities on April 2026 Patch Tuesday . Microsoft is aware of exploitation in the wild for one of today’s vulnerabilities, and public disclosure for one other. Microsoft evaluates 19 of the vulnerabilities published today as more likely to see future exploitation. So far this month, Microsoft has provided patches to address 80 browser vulnerabilities, which are no

CVE-2026-32201CVE-2026-33825

Apr 14, 2026Rapid7

References (8)

https://git.kernel.org/stable/c/58f3a14826d4e6b0d5421f1a64be280b48601ea2 https://git.kernel.org/stable/c/68ca0eea0af02bed36c5e2c13e9fa1647c31a7d4 https://git.kernel.org/stable/c/6cea34d7ec6829b62f521a37a287f670144a2233 https://git.kernel.org/stable/c/9862ef9ab0a116c6dca98842aab7de13a252ae02 https://git.kernel.org/stable/c/ad92ee87462f9a3061361d392e9dbfe2e5c1c9fb https://git.kernel.org/stable/c/b7eef00f08b92b0b9efe8ae0df6d0005e6199323 https://git.kernel.org/stable/c/c098ff857e7ca923539164af5b3c2fe3e8f8afaf https://git.kernel.org/stable/c/ceacaa76f221a6577aba945bb8873c2e640aeba4