The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

  - net: skb: fix cross-cache free of KFENCE-allocated skb head SKB_SMALL_HEAD_CACHE_SIZE is intentionally set     to a non-power-of-2 value (e.g. 704 on x86_64) to avoid collisions with generic kmalloc bucket sizes. This     ensures that skb_kfree_head() can reliably use skb_end_offset to distinguish skb heads allocated from     skb_small_head_cache vs. generic kmalloc caches. However, when KFENCE is enabled, kfence_ksize() returns     the exact requested allocation size instead of the slab bucket size. If a caller (e.g. bpf_test_init)     allocates skb head data via kzalloc() and the requested size happens to equal SKB_SMALL_HEAD_CACHE_SIZE,     then slab_build_skb() -> ksize() returns that exact value. After subtracting skb_shared_info overhead,     skb_end_offset ends up matching SKB_SMALL_HEAD_HEADROOM, causing skb_kfree_head() to incorrectly free the     object to skb_small_head_cache instead of back to the original kmalloc cache, resulting in a slab cross-     cache free: kmem_cache_free(skbuff_small_head): Wrong slab cache. Expected skbuff_small_head but got     kmalloc-1k Fix this by always calling kfree(head) in skb_kfree_head(). This keeps the free path generic     and avoids allocator-specific misclassification for KFENCE objects. (CVE-2026-31429)

Note that Nessus relies on the presence of the package as reported by the vendor.

Detections

Analytics

Linux Distros Unpatched Vulnerability : CVE-2026-31429

high Nessus Plugin ID 307606

Version 1.6

Version 1.5

Version 1.4

Version 1.3

Version 1.2

Version 1.1

Version 1.6 May 2, 2026, 11:12 PM CVSS metrics ("CVSSv2 score" set to 5.6) CVSS metrics ("CVSSv2 vector" set to "CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:C") CVSS metrics ("CVSSv3 score" set to 7.8) CVSS metrics ("CVSSv3 vector" set to "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H") CVSSv3 severity (based on None, severity increased from "Medium" to "High") Detection (updated detection logic) Plugin metadata Plugin Feed: 202605022312
Version 1.5 Apr 28, 2026, 8:33 AM Detection (updated detection logic) Plugin metadata Plugin Feed: 202604280833
Version 1.4 Apr 27, 2026, 11:43 AM Exploit attributes ("Exploit available" set to "True") Exploit attributes ("Exploitability ease" changed from "No known exploits are available" to "Exploits are available") Plugin Feed: 202604271143
Version 1.3 Apr 25, 2026, 11:38 AM CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:POC/RL:U/RC:C") CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:P/RL:U/RC:C") Detection (updated detection logic) Plugin metadata Plugin Feed: 202604251138
Version 1.2 Apr 21, 2026, 6:07 PM CVSS metrics ("CVSSv2 score" set to 6.3) CVSS metrics ("CVSSv2 vector" set to "CVSS2#AV:L/AC:M/Au:N/C:N/I:C/A:C") CVSS metrics ("CVSSv3 score" set to 5.5) CVSS metrics ("CVSSv3 vector" set to "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H") CVSSv2 severity (based on CVE-2026-31429, severity increased from "Low" to "Medium") CVSSv3 severity (based on None, severity decreased from "High" to "Medium") Detection (updated detection logic) Plugin metadata Plugin Feed: 202604211807
Version 1.1 Apr 20, 2026, 10:26 PM New Plugin Feed: 202604202226