2825 matches found
ROS-20260407-73-0015
A vulnerability in the nfconntracknetlink.c component of the Linux operating system kernel is related to errors in updating the link counter. Exploitation of the vulnerability allows an attacker to cause a denial of service...
SUSE CVE-2026-31407
In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: add missing netlink policy validations Hyunwoo Kim reports out-of-bounds access in sctp and ctnetlink. These attributes are used by the kernel without any validation. Extend the netlink policies accordingly...
CVE-2026-31407
A flaw was found in the Linux kernel's netfilter conntrack subsystem. Missing netlink policy validations allow a local attacker to provide a specially crafted input, leading to an out-of-bounds read. This vulnerability can result in information disclosure from kernel memory or potentially cause a...
EUVD-2026-19197
In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: add missing netlink policy validations Hyunwoo Kim reports out-of-bounds access in sctp and ctnetlink. These attributes are used by the kernel without any validation. Extend the netlink policies accordingly...
CVE-2026-31407
In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: add missing netlink policy validations Hyunwoo Kim reports out-of-bounds access in sctp and ctnetlink. These attributes are used by the kernel without any validation. Extend the netlink policies accordingly...
UBUNTU-CVE-2026-31407
In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: add missing netlink policy validations Hyunwoo Kim reports out-of-bounds access in sctp and ctnetlink. These attributes are used by the kernel without any validation. Extend the netlink policies accordingly...
CVE-2026-31407 netfilter: conntrack: add missing netlink policy validations
In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: add missing netlink policy validations Hyunwoo Kim reports out-of-bounds access in sctp and ctnetlink. These attributes are used by the kernel without any validation. Extend the netlink policies accordingly...
CVE-2026-31407
In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: add missing netlink policy validations Hyunwoo Kim reports out-of-bounds access in sctp and ctnetlink. These attributes are used by the kernel without any validation. Extend the netlink policies accordingly...
CVE-2026-31407
The CVE-2026-31407 entry covers a Linux kernel netfilter conntrack issue where missing netlink policy validations allow a local attacker to craft input that can cause a slab-out-of-bounds access in sctp/ctnetlink, via using unvalidated CTA_PROTOINFO_SCTP_STATE values and accessing ct->master-&...
CVE-2026-31407
In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: add missing netlink policy validations Hyunwoo Kim reports out-of-bounds access in sctp and ctnetlink. These attributes are used by the kernel without any validation. Extend the netlink policies accordingly...
Linux Distros Unpatched Vulnerability : CVE-2026-31407
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: conntrack: add missing netlink policy validations Hyunwoo Kim reports out-of-bounds access in sctp and ctnetlink. These attributes are used by the...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of netlink policy validation, potentially leading to out-of-bound access...
CVE-2026-31407
In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: add missing netlink policy validations Hyunwoo Kim reports out-of-bounds access in sctp and ctnetlink. These attributes are used by the kernel without any validation. Extend the netlink policies accordingly...
PT-2026-30575
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in its netfilter component related to conntrack and missing netlink policy validations. Specifically, the nlattr to sctp function improperly handles...
Linux Distros Unpatched Vulnerability : CVE-2026-23436
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: shaper: protect from late creation of hierarchy We look up a netdev during prep of Netlink ops pre- callbacks and take a ref to it. Then later in the body ...
Linux Distros Unpatched Vulnerability : CVE-2026-23458
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: ctnetlink: fix use-after-free in ctnetlinkdumpexpct ctnetlinkdumpexpct stores a conntrack pointer in cb-data for the netlink dump callback...
SUSE CVE-2026-23436
In the Linux kernel, the following vulnerability has been resolved: net: shaper: protect from late creation of hierarchy We look up a netdev during prep of Netlink ops pre- callbacks and take a ref to it. Then later in the body of the callback we take its lock or RCU which are the actual...
SUSE CVE-2026-23437
In the Linux kernel, the following vulnerability has been resolved: net: shaper: protect late read accesses to the hierarchy We look up a netdev during prep of Netlink ops pre- callbacks and take a ref to it. Then later in the body of the callback we take its lock or RCU which are the actual...
CVE-2026-23458
A flaw was found in the Linux kernel's netfilter connection tracking ctnetlink component. This vulnerability, known as a use-after-free, occurs when the system attempts to access a memory location after it has been deallocated, which can lead to unpredictable behavior. A local attacker could...
EUVD-2026-18678
In the Linux kernel, the following vulnerability has been resolved: net: shaper: protect late read accesses to the hierarchy We look up a netdev during prep of Netlink ops pre- callbacks and take a ref to it. Then later in the body of the callback we take its lock or RCU which are the actual...