CVE-2026-31692

In the Linux kernel, the following vulnerability has been resolved:

rtnetlink: add missing netlink_ns_capable() check for peer netns

rtnl_newlink() lacks a CAP_NET_ADMIN capability check on the peer
network namespace when creating paired devices (veth, vxcan,
netkit). This allows an unprivileged user with a user namespace
to create interfaces in arbitrary network namespaces, including
init_net.

Add a netlink_ns_capable() check for CAP_NET_ADMIN in the peer
namespace before allowing device creation to proceed.

More information : https://git.kernel.org/stable/c/0975b64ffb34560042090a5986c3a02e6c80f36f