CVE-2026-31617
CVE-2026-31617 in the Linux kernel Usb Gadget CDC-NCM path (f_ncm) allowed a host to supply a too-small NTB block_len, triggering an underflow in block_len - ndp_size/dpe_size checks and enabling memory exposure during skb_copy. The fix clamps block_len to only those values that can hold the NTB ...