Lucene search
K

14 matches found

EUVD
EUVD
added 2026/06/24 6:32 p.m.4 views

EUVD-2026-38856

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: join hook list via splicelistrcu in commit phase Publish new hooks in the list into the basechain/flowtable using splicelistrcu to ensure netlink dump list traversal via rcu is safe while concurrent ruleset...

5.7AI score0.00122EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/24 4:29 p.m.26 views

CVE-2026-52988 netfilter: nf_tables: join hook list via splice_list_rcu() in commit phase

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: join hook list via splicelistrcu in commit phase Publish new hooks in the list into the basechain/flowtable using splicelistrcu to ensure netlink dump list traversal via rcu is safe while concurrent ruleset...

7.1CVSS0.00122EPSS
Exploits0References2
CVE
CVE
added 2026/06/24 4:29 p.m.8 views

CVE-2026-52988

The CVE-2026-52988 issue affects the Linux kernel netfilter nf_tables code, specifically the join hook list updated via splice_list_rcu() during commit phases. The vulnerability arises when new hooks are published to the basechain/flowtable while a concurrent ruleset update is ongoing, potentiall...

7.1CVSS5.7AI score0.00122EPSS
Exploits0References2
OSV
OSV
added 2026/03/25 11:16 a.m.3 views

UBUNTU-CVE-2026-23351

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: split gc into unlink and reclaim phase Yiming Qian reports Use-after-free in the pipapo set type: Under a large number of expired elements, commit-time GC can run for a very long time in a non-preemptible...

7.8CVSS5.7AI score0.00119EPSS
Exploits0References31
Cvelist
Cvelist
added 2025/02/05 9:7 a.m.11 views

CVE-2023-52924 netfilter: nf_tables: don't skip expired elements during walk

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: don't skip expired elements during walk There is an asymmetry between commit/abort and preparation phase if the following conditions are met: 1. set is a verdict map "1.2.3.4 : jump foo" 2. timeouts are enabl...

0.00191EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2024/08/28 12:34 p.m.2 views

kernel: netfilter: nf_tables: discard table flag update with pending basechain deletion

This CVE involves a flaw in the Linux kernel's nftables component, part of the Netfilter framework used for packet filtering and firewall functionalities. The vulnerability arises when a table's dormant flag is updated while there's a pending deletion of a base chain. In such cases, the...

5.5CVSS7.2AI score0.00241EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/08/08 4:53 a.m.4 views

kernel: netfilter: nf_tables: discard table flag update with pending basechain deletion

This CVE involves a flaw in the Linux kernel's nftables component, part of the Netfilter framework used for packet filtering and firewall functionalities. The vulnerability arises when a table's dormant flag is updated while there's a pending deletion of a base chain. In such cases, the...

5.5CVSS7.2AI score0.00241EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/07/29 12:0 a.m.2 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from a vulnerability due to incomplete USB endpoint checking that could result in the wrong endpoint type being use...

5.5CVSS6.4AI score0.00234EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2024/07/24 2:3 p.m.4 views

kernel: netfilter: nf_tables: discard table flag update with pending basechain deletion

This CVE involves a flaw in the Linux kernel's nftables component, part of the Netfilter framework used for packet filtering and firewall functionalities. The vulnerability arises when a table's dormant flag is updated while there's a pending deletion of a base chain. In such cases, the...

5.5CVSS7.2AI score0.00241EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/07/24 1:20 p.m.2 views

kernel: netfilter: nf_tables: discard table flag update with pending basechain deletion

This CVE involves a flaw in the Linux kernel's nftables component, part of the Netfilter framework used for packet filtering and firewall functionalities. The vulnerability arises when a table's dormant flag is updated while there's a pending deletion of a base chain. In such cases, the...

5.5CVSS7.2AI score0.00241EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2024/05/21 1:59 a.m.3 views

SUSE CVE-2024-35897

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: discard table flag update with pending basechain deletion Hook unregistration is deferred to the commit phase, same occurs with hook updates triggered by the table dormant flag. When both commands are combine...

5.5CVSS6.6AI score0.00241EPSS
Exploits0References13
OSV
OSV
added 2024/05/19 9:15 a.m.0 views

DEBIAN-CVE-2024-35897

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: discard table flag update with pending basechain deletion Hook unregistration is deferred to the commit phase, same occurs with hook updates triggered by the table dormant flag. When both commands are combine...

5.5CVSS5.4AI score0.00241EPSS
Exploits0References1
OSV
OSV
added 2024/05/19 9:15 a.m.1 views

UBUNTU-CVE-2024-35897

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: discard table flag update with pending basechain deletion Hook unregistration is deferred to the commit phase, same occurs with hook updates triggered by the table dormant flag. When both commands are combine...

5.5CVSS6.2AI score0.00241EPSS
Exploits0References27
OSV
OSV
added 2024/05/19 9:15 a.m.1 views

UBUNTU-CVE-2024-35900

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: reject new basechain after table flag update When dormant flag is toggled, hooks are disabled in the commit phase by iterating over current chains in table existing and new. The following configuration allows...

5.5CVSS6.2AI score0.00226EPSS
Exploits0References27
Rows per page
Query Builder