49 matches found
CVE-2026-55873 SeaweedFS: Improper authorization in the S3Tables / Iceberg REST management API lets a low-privileged S3 user enumerate administrator-owned table buckets
SeaweedFS is a distributed storage system. In versions 4.08 through 4.33, requests signed with SigV4 service s3tables are routed to the S3Tables management API where authorization collapses account-less S3 identities into the shared admin account and fails open, allowing an authenticated...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15
A use-after-free vulnerability was discovered in the Linux kernel’s netfilter subsystem, specifically in the net/netfilter/nftablesapi.c file. Improper error handling related to NFTMSGNEWRULE allows a dangling pointer to be used within the same transaction, leading to a use-after-free...
The vulnerability in the net/netfilter/nf_tables_api.c module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability in the net/netfilter/nftablesapi.c module of the Linux operating system is related to insufficient input data validation. Exploiting this vulnerability can allow an attacker to cause a service failure...
ROS-20260119-7396
A vulnerability in the nftablesapi.c component of the Linux operating system kernel is related to incorrect computation. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001746)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001746 advisory. net/netfilter/nftablesapi.c in the Linux kernel through 5.18.1 allows a local user able to create user/net namespaces to escalate privileges to root because an...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001703)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001703 advisory. An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nftseteleminit leading to a buffer overflow could be used by a local attacker to...
Siemens SIMATIC and SCALANCE Devices Use After Free (CVE-2023-3390)
A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nftablesapi.c. Mishandled error handling with NFTMSGNEWRULE makes it possible to use a dangling pointer in the same transaction causing a use-after-free vulnerability. This flaw allows a local...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414399)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414399 advisory. An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nftseteleminit leading to a buffer overflow could be used by a local attacker to...
Linux Distros Unpatched Vulnerability : CVE-2022-1015
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the Linux kernel in linux/net/netfilter/nftablesapi.c of the netfilter subsystem. This flaw allows a local user to cause an out-of-bounds...
The vulnerability of the nft_trans_gc_{queue_async_done,space}() function in the net/netfilter/nf_tables_api.c module of the Linux operating system allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the nfttransgcqueueasyncdone,space function in the net/netfilter/nftablesapi.c module of the Linux operating system is related to memory release errors. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of th...
The vulnerability of the nft_set_commit_update() function in the net/netfilter/nf_tables_api.c module of the netfilter component of the Linux kernel allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information, thereby enhancing their privileges.
The vulnerability of the nftsetcommitupdate function in the net/netfilter/nftablesapi.c module of the netfilter component of the Linux kernel operating system is related to the repeated use of previously freed memory. Exploiting this vulnerability could allow a privileged attacker to compromise t...
The vulnerability in the net/netfilter/nf_tables_api.c component of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the net/netfilter/nftablesapi.c component in the Linux operating system is related to errors during resource release. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the nft_set_catchallFlush() function in the net/netfilter/nf_tables_api.c module of the Linux kernel’s netfilter component allows a attacker to access protected information or cause a service failure.
The vulnerability of the nftsetcatchallFlush function in the net/netfilter/nftablesapi.c module of the Linux kernel’s netfilter component is related to the re-release of previously released memory. Exploiting this vulnerability could allow an attacker to access protected information or cause...
The vulnerability of the nft_verdict_dump() function in the net/netfilter/nf_tables_api.c module of the Linux kernel’s netfilter component allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the nftverdictdump function in the net/netfilter/nftablesapi.c module of the Linux kernel’s netfilter component is related to the reutilization of previously freed memory due to concurrent access to resources. Exploiting this vulnerability could allow an attacker to compromis...
AZL-28545 CVE-2023-4569 affecting package kernel for versions less than 5.15.131.1-2
A memory leak flaw was found in nftsetcatchallflush in net/netfilter/nftablesapi.c in the Linux Kernel. This issue may allow a local attacker to cause double-deactivations of catchall elements, which can result in a memory leak...
CVE-2023-4569
A memory leak flaw was found in nftsetcatchallflush in net/netfilter/nftablesapi.c in the Linux Kernel. This issue may allow a local attacker to cause double-deactivations of catchall elements, which can result in a memory leak...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel suffers from a memory leak vulnerability that originates from nftsetcatchallflush in net/netfilter/nftablesapi.c not freeing or failing to free dynamically allocat...
The vulnerability of the netfilter kernel module in Linux operating systems, located in the function nf_tables_newrule(), allows an attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the netfilter kernel module in Linux operating systems relates to improper handling when rules are added to the function nftablesnewrule in the net/netfilter/nftablesapi.c module. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity...
The vulnerability of the nft_chain_lookup_byid() function in the net/netfilter/nf_tables_api.c module of the Linux kernel’s netfilter packet filtering subsystem allows a attacker to escalate their privileges and compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the nftchainlookupbyid function in the net/netfilter/nftablesapi.c module of the Linux kernel’s packet filtering subsystem is related to the reutilization of previously freed memory due to concurrent access to resources. Exploiting this vulnerability could allow an attacker t...
DEBIAN-CVE-2023-3390
A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nftablesapi.c. Mishandled error handling with NFTMSGNEWRULE makes it possible to use a dangling pointer in the same transaction causing a use-after-free vulnerability. This flaw allows a local...