[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2026-31700":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":28,"aliases":29,"duplicate_of":9,"upstream":30,"downstream":31,"duplicates":42,"related":43,"reserved_at":9,"published_at":47,"modified_at":48,"state":49,"summary":50,"references_raw":59,"kevs":82,"epss":83,"epss_history":86,"metrics":186,"affected":194},"CVE-2026-31700","In the Linux kernel, the following vulnerability has been resolved:\n\nnet/packet: fix TOCTOU race on mmap'd vnet_hdr in tpacket_snd()\n\nIn tpacket_snd(), when PACKET_VNET_HDR is enabled, vnet_hdr points\ndirectly into the mmap'd TX ring buffer shared with userspace. The\nkernel validates the header via __packet_snd_vnet_parse() but then\nre-reads all fields later in virtio_net_hdr_to_skb(). A concurrent\nuserspace thread can modify the vnet_hdr fields between validation\nand use, bypassing all safety checks.\n\nThe non-TPACKET path (packet_snd()) already correctly copies vnet_hdr\nto a stack-local variable. All other vnet_hdr consumers in the kernel\n(tun.c, tap.c, virtio_net.c) also use stack copies. The TPACKET TX\npath is the only caller of virtio_net_hdr_to_skb() that reads directly\nfrom user-controlled shared memory.\n\nFix this by copying vnet_hdr from the mmap'd ring buffer to a\nstack-local variable before validation and use, consistent with the\napproach used in packet_snd() and all other callers.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-362","Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')","The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.","weakness","Draft","Class","Medium",[20,24],{"id":21,"name":22,"techniques":23},"CAPEC-26","Leveraging Race Conditions",[],{"id":25,"name":26,"techniques":27},"CAPEC-29","Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions",[],[],[],[],[32,34,36,38,40],{"_key":33},"MGASA-2026-0108",{"_key":35},"MGASA-2026-0110",{"_key":37},"DEBIAN-CVE-2026-31700",{"_key":39},"OPENSUSE-SU-2026:10793-1",{"_key":41},"UBUNTU-CVE-2026-31700",[],[44,45],{"_key":39},{"_key":46},"CGA-HW38-WG5G-G99P","2026-05-01T13:56:00.205Z","2026-05-11T22:14:02.576Z","Analyzed",{"cisa_kev":51,"cisa_ransomware":51,"cisa_vendor":9,"epss_severity":52,"epss_score":53,"severity":54,"severity_score":55,"severity_version":56,"severity_source":57,"severity_vector":58,"severity_status":49},false,"low",0.00014,"high",7.8,"v3.1","cve.org","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",[60,66,70,74,78],{"url":61,"sources":62,"tags":64},"https://git.kernel.org/stable/c/74e2db36fe50e3ad9d5300d7fd0e6e2a15a6d121",[57,63],"nvd",[65],"Patch",{"url":67,"sources":68,"tags":69},"https://git.kernel.org/stable/c/3a1bf9116ea31470b89692585c3910dfe830dcdd",[57,63],[65],{"url":71,"sources":72,"tags":73},"https://git.kernel.org/stable/c/28324a3b62d9ce7f9bdd65a8ce63f382041d1b27",[57,63],[65],{"url":75,"sources":76,"tags":77},"https://git.kernel.org/stable/c/48a6ef291a17639e1b6ae0fbe9c8b2bb87d7804b",[57,63],[65],{"url":79,"sources":80,"tags":81},"https://git.kernel.org/stable/c/2c054e17d9d41f1020376806c7f750834ced4dc5",[57,63],[65],[],{"date":84,"score":53,"percentile":85},"2026-06-04",0.02696,[87,91,95,98,100,103,106,109,112,115,118,121,124,127,130,133,135,138,141,144,147,150,153,156,159,162,165,168,171,174,177,179,182,185],{"date":88,"score":89,"percentile":90},"2026-05-02",0.00018,0.04852,{"date":92,"score":93,"percentile":94},"2026-05-03",0.00012,0.01739,{"date":96,"score":93,"percentile":97},"2026-05-04",0.01737,{"date":99,"score":93,"percentile":97},"2026-05-05",{"date":101,"score":93,"percentile":102},"2026-05-06",0.01725,{"date":104,"score":93,"percentile":105},"2026-05-07",0.01775,{"date":107,"score":93,"percentile":108},"2026-05-08",0.01778,{"date":110,"score":93,"percentile":111},"2026-05-09",0.01791,{"date":113,"score":93,"percentile":114},"2026-05-10",0.01793,{"date":116,"score":93,"percentile":117},"2026-05-11",0.01795,{"date":119,"score":93,"percentile":120},"2026-05-12",0.01774,{"date":122,"score":93,"percentile":123},"2026-05-13",0.01785,{"date":125,"score":93,"percentile":126},"2026-05-14",0.01783,{"date":128,"score":93,"percentile":129},"2026-05-15",0.01781,{"date":131,"score":93,"percentile":132},"2026-05-16",0.0178,{"date":134,"score":93,"percentile":108},"2026-05-17",{"date":136,"score":93,"percentile":137},"2026-05-18",0.01764,{"date":139,"score":93,"percentile":140},"2026-05-19",0.01762,{"date":142,"score":93,"percentile":143},"2026-05-20",0.01758,{"date":145,"score":93,"percentile":146},"2026-05-21",0.01747,{"date":148,"score":93,"percentile":149},"2026-05-22",0.01871,{"date":151,"score":93,"percentile":152},"2026-05-23",0.01868,{"date":154,"score":93,"percentile":155},"2026-05-24",0.01865,{"date":157,"score":93,"percentile":158},"2026-05-25",0.01852,{"date":160,"score":93,"percentile":161},"2026-05-26",0.01845,{"date":163,"score":93,"percentile":164},"2026-05-27",0.0186,{"date":166,"score":93,"percentile":167},"2026-05-28",0.01853,{"date":169,"score":93,"percentile":170},"2026-05-29",0.01863,{"date":172,"score":93,"percentile":173},"2026-05-30",0.01885,{"date":175,"score":93,"percentile":176},"2026-05-31",0.0188,{"date":178,"score":93,"percentile":155},"2026-06-01",{"date":180,"score":53,"percentile":181},"2026-06-02",0.02711,{"date":183,"score":53,"percentile":184},"2026-06-03",0.02701,{"date":84,"score":53,"percentile":85},[187,192],{"source":57,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":188,"cvss_v4_0":9},{"baseScore":55,"baseSeverity":189,"vectorString":58,"impactScore":190,"exploitabilityScore":191},"HIGH",9.8,4.6,{"source":63,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":193,"cvss_v4_0":9},{"baseScore":55,"baseSeverity":189,"vectorString":58,"impactScore":190,"exploitabilityScore":191},[195,221],{"ecosystem":9,"name":196,"vendor":197,"product":197,"cpe_part":198,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":199},"Linux","linux","a",[200,207,210,213,216,219],{"version":201,"is_range":202,"range_type":57,"version_start":203,"version_start_type":204,"version_end":205,"version_end_type":206,"fixed_in":9},">= 1d036d25e5609ba73fee6a88db01c306b140d512, \u003C 74e2db36fe50e3ad9d5300d7fd0e6e2a15a6d121",true,"1d036d25e5609ba73fee6a88db01c306b140d512","including","74e2db36fe50e3ad9d5300d7fd0e6e2a15a6d121","excluding",{"version":208,"is_range":202,"range_type":57,"version_start":203,"version_start_type":204,"version_end":209,"version_end_type":206,"fixed_in":9},">= 1d036d25e5609ba73fee6a88db01c306b140d512, \u003C 3a1bf9116ea31470b89692585c3910dfe830dcdd","3a1bf9116ea31470b89692585c3910dfe830dcdd",{"version":211,"is_range":202,"range_type":57,"version_start":203,"version_start_type":204,"version_end":212,"version_end_type":206,"fixed_in":9},">= 1d036d25e5609ba73fee6a88db01c306b140d512, \u003C 28324a3b62d9ce7f9bdd65a8ce63f382041d1b27","28324a3b62d9ce7f9bdd65a8ce63f382041d1b27",{"version":214,"is_range":202,"range_type":57,"version_start":203,"version_start_type":204,"version_end":215,"version_end_type":206,"fixed_in":9},">= 1d036d25e5609ba73fee6a88db01c306b140d512, \u003C 48a6ef291a17639e1b6ae0fbe9c8b2bb87d7804b","48a6ef291a17639e1b6ae0fbe9c8b2bb87d7804b",{"version":217,"is_range":202,"range_type":57,"version_start":203,"version_start_type":204,"version_end":218,"version_end_type":206,"fixed_in":9},">= 1d036d25e5609ba73fee6a88db01c306b140d512, \u003C 2c054e17d9d41f1020376806c7f750834ced4dc5","2c054e17d9d41f1020376806c7f750834ced4dc5",{"version":220,"is_range":51,"range_type":57,"version_start":220,"version_start_type":204,"version_end":220,"version_end_type":204,"fixed_in":9},"4.6",{"ecosystem":9,"name":222,"vendor":197,"product":223,"cpe_part":224,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":225},"linux kernel","linux_kernel","o",[226,230,234,238,242,244],{"version":227,"is_range":202,"range_type":228,"version_start":220,"version_start_type":204,"version_end":229,"version_end_type":206,"fixed_in":9},"gte4.6_lt6.6.136","cpe","6.6.136",{"version":231,"is_range":202,"range_type":228,"version_start":232,"version_start_type":204,"version_end":233,"version_end_type":206,"fixed_in":9},"gte6.7_lt6.12.84","6.7","6.12.84",{"version":235,"is_range":202,"range_type":228,"version_start":236,"version_start_type":204,"version_end":237,"version_end_type":206,"fixed_in":9},"gte6.13_lt6.18.25","6.13","6.18.25",{"version":239,"is_range":202,"range_type":228,"version_start":240,"version_start_type":204,"version_end":241,"version_end_type":206,"fixed_in":9},"gte6.19_lt7.0.2","6.19","7.0.2",{"version":243,"is_range":51,"range_type":228,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.1:rc1",{"version":245,"is_range":51,"range_type":228,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.1:rc2"]