HOMEVULNERABILITIESCVE-2026-31563
HIGH

CVE-2026-31563

Published: April 24, 2026· Updated: Apr 27, 2026

7.5
CVSS v3.1
EPSS:0.02%probability of exploitation in 30 daysPercentile:6.8th

Official Description

In the Linux kernel, the following vulnerability has been resolved:

net: macb: Use dev_consume_skb_any() to free TX SKBs

The napi_consume_skb() function is not intended to be called in an IRQ

disabled context. However, after commit 6bc8a5098bf4 ("net: macb: Fix

tx_ptr_lock locking"), the freeing of TX SKBs is performed with IRQs

disabled. To resolve the following call trace, use dev_consume_skb_any()

for freeing TX SKBs:

WARNING: kernel/softirq.c:430 at __local_bh_enable_ip+0x174/0x188, CPU#0: ksoftirqd/0/15

Modules linked in:

CPU: 0 UID: 0 PID: 15 Comm: ksoftirqd/0 Not tainted 7.0.0-rc4-next-20260319-yocto-standard-dirty #37 PREEMPT

Hardware name: ZynqMP ZCU102 Rev1.1 (DT)

pstate: 200000c5 (nzCv daIF -PAN -UAO -TCO -DIT -SSBS BTYPE=--)

pc : __local_bh_enable_ip+0x174/0x188

lr : local_bh_enable+0x24/0x38

sp : ffff800082b3bb10

x29: ffff800082b3bb10 x28: ffff0008031f3c00 x27: 000000000011ede0

x26: ffff000800a7ff00 x25: ffff800083937ce8 x24: 0000000000017a80

x23: ffff000803243a78 x22: 0000000000000040 x21: 0000000000000000

x20: ffff000800394c80 x19: 0000000000000200 x18: 0000000000000001

x17: 0000000000000001 x16: ffff000803240000 x15: 0000000000000000

x14: ffffffffffffffff x13: 0000000000000028 x12: ffff000800395650

x11: ffff8000821d1528 x10: ffff800081c2bc08 x9 : ffff800081c1e258

x8 : 0000000100000301 x7 : ffff8000810426ec x6 : 0000000000000000

x5 : 0000000000000001 x4 : 0000000000000001 x3 : 0000000000000000

x2 : 0000000000000008 x1 : 0000000000000200 x0 : ffff8000810428dc

Call trace:

__local_bh_enable_ip+0x174/0x188 (P)

local_bh_enable+0x24/0x38

skb_attempt_defer_free+0x190/0x1d8

napi_consume_skb+0x58/0x108

macb_tx_poll+0x1a4/0x558

__napi_poll+0x50/0x198

net_rx_action+0x1f4/0x3d8

handle_softirqs+0x16c/0x560

run_ksoftirqd+0x44/0x80

smpboot_thread_fn+0x1d8/0x338

kthread+0x120/0x150

ret_from_fork+0x10/0x20

irq event stamp: 29751

hardirqs last enabled at (29750): [<ffff8000813be184>] _raw_spin_unlock_irqrestore+0x44/0x88

hardirqs last disabled at (29751): [<ffff8000813bdf60>] _raw_spin_lock_irqsave+0x38/0x98

softirqs last enabled at (29150): [<ffff8000800f1aec>] handle_softirqs+0x504/0x560

softirqs last disabled at (29153): [<ffff8000800f2fec>] run_ksoftirqd+0x44/0x80

NVD Source

Technical Analysis

CVE-2026-31563 can be exploited remotely over the network without requiring physical or adjacent access, significantly expanding the attack surface for threat actors.

The vulnerability requires no privileges and no user interaction, making it a prime target for automated exploitation campaigns and worm-like propagation.

A successful exploit results in availability disruption (denial of service), with a CVSS base score of 7.5.

CVSS v3.1 Vector Breakdown

Exploitability
Attack VectorNetwork
Attack ComplexityLow
Privileges Req.None
User InteractionNone
ScopeUnchanged
Impact
ConfidentialityNone
IntegrityNone
AvailabilityHigh
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Vendors & Products

Linux1 product
linux kernel
Source: NVD CPE · 3 total CPE entries

Exploit & PoC Resources

NO KNOWN EXPLOITNo public exploit confirmed at this time
External links open in a new tab. Always verify in a controlled environment before use.

Official Patches & Advisories

All References (6)

Quick Facts

CVE IDCVE-2026-31563
CVSS Score7.5 / 10
SeverityHIGH
CISA KEVNo
EPSS (30d)0.02%
Affected1 vendor
PublishedApr 24, 2026

Recommended Actions

  • Apply vendor patches immediately
  • Monitor CVE-2026-31563 in threat intel feeds
  • Review IDS/IPS signatures for exploitation attempts
Data sourced from NVD (NIST), CISA KEV, and EPSS (FIRST). Analysis generated by CTIWATCH.COM. CVE data is provided under the NVD usage policy.