Homepage

Improper Validation of Specified Quantity in Input The advisory has been revoked - it doesn't affect any version of package perf  (opens in a new tab)

Threat Intelligence

EPSS
0.12% (2nd percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
  • Snyk IDSNYK-CENTOS6-PERF-16307587
  • published27 Apr 2026
  • disclosed25 Apr 2026
Report a new vulnerability Found a mistake?

Introduced: 25 Apr 2026

CVE-2026-31674  (opens in a new tab)
CWE-1284  (opens in a new tab)

Amendment

The Centos security team deemed this advisory irrelevant for Centos:6.

NVD Description

Note: Versions mentioned in the description apply only to the upstream perf package and not the perf package as distributed by Centos.

In the Linux kernel, the following vulnerability has been resolved:

netfilter: ip6t_rt: reject oversized addrnr in rt_mt6_check()

Reject rt match rules whose addrnr exceeds IP6T_RT_HOPS.

rt_mt6() expects addrnr to stay within the bounds of rtinfo->addrs[]. Validate addrnr during rule installation so malformed rules are rejected before the match logic can use an out-of-range value.