RHEL 8 : kernel (RHSA-2026:21706)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:21706 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Bluetooth: MGMT: Fix possible...

kernel: netfilter: nf_conntrack_h323: check for zero length in DecodeQ931()

A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nfconntrackh323 module. This vulnerability occurs in the DecodeQ931 function when processing a zero-length value from a packet. An integer underflow during a length calculation results in a large, incorrect value...

kernel: netfilter: nf_conntrack_helper: pass helper to expect cleanup

A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nfconntrackhelper. When a connection tracking helper is unregistered, its associated expectations are not properly cleaned up. This oversight can lead to a use-after-free vulnerability, where the system attempts t...

kernel: netfilter: nf_conntrack_h323: check for zero length in DecodeQ931()

A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nfconntrackh323 module. This vulnerability occurs in the DecodeQ931 function when processing a zero-length value from a packet. An integer underflow during a length calculation results in a large, incorrect value...

kernel: netfilter: nf_conntrack_h323: check for zero length in DecodeQ931()

A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nfconntrackh323 module. This vulnerability occurs in the DecodeQ931 function when processing a zero-length value from a packet. An integer underflow during a length calculation results in a large, incorrect value...

UBUNTU-CVE-2026-45859

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: do shared-unconfirmed check before segmentation Ulrich reports a regression with nfqueue: If an application did not set the 'FGSO' capability flag and a gso packet with an unconfirmed nfconn entry is...

PT-2026-43726

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink queue: do shared-unconfirmed check before segmentation Ulrich reports a regression with nfqueue: If an application did not set the 'F GSO' capability flag and a gso packet with an unconfirmed nf conn entry is...

SUSE CVE-2026-43450

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkcthelper: fix OOB read in nfnlcthelperdumptable nfnlcthelperdumptable has a 'goto restart' that jumps to a label inside the for loop body. When the "last" helper saved in cb-args1 is deleted between dump round...

CVE-2026-43450

A flaw was found in the Linux kernel's nfnetlinkcthelper component. This vulnerability, an out-of-bounds read, occurs in the nfnlcthelperdumptable function when a network connection tracking helper is removed during a dump operation, leading to a bypassed bounds check. A local attacker could...

UBUNTU-CVE-2026-43450

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkcthelper: fix OOB read in nfnlcthelperdumptable nfnlcthelperdumptable has a 'goto restart' that jumps to a label inside the for loop body. When the "last" helper saved in cb-args1 is deleted between dump round...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from accessing exp-master in ctnetlink without properly securing the master connection tracking object,...

CVE-2026-43060

The CVE-2026-43060 issue affects the Linux kernel netfilter component (nft_ct). When the nft_ct module is removed, packets enqueued in nfqueue may retain stale references to conntrack zone templates or timeout policies, risking instability or DoS. The root cause is references that can outlive the...

Astra Linux - уязвимость в linux-6.1, linux, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: netfilter: allow exp not to be removed in nfctfindexpectation Currently nfconntrackin calling nfctfindexpectation will remove the exp from the hash table. However, in some scenario, we expect the exp not to be removed when the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: The label mapping should be released when replacing an existing ct entry. The issue arises from the fact that the referenced commit does not release the label mapping when replacing an existing ct entry, leading to a...

Astra Linux - уязвимость в linux-6.1, linux, linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: inet: inetdefrag: prevent sk from being released while still in use The functions iplocalout and others can pass skb-sk as a function argument. If the skb is a fragment and reassembly occurs before such a function call returns, t...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: CT: Fixed the null-ptr-deref in addruleerrflow. In the error flow of mlx5tcctentryaddrule, if ctruleadd callback returns an error, zonerule-attr is used without initialization. This issue was fixed by using attr, which...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: CT: Fix cleanup of CT before cleanup of TC ct rules CT cleanup assumes that all tc rules were deleted first, and so is free to delete the CT shared resources e.g the draction fwdaction which is shared for all tuples. B...

Astra Linux - уязвимость в linux

In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nftct: Skip evaluation of expectations for confirmed conntrack entries. The nftctexpectobjeval function calls nfctextadd for a confirmed conntrack entry. However, nfctextadd can only be called when !nfctisconfirmed ...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net/sched: actct: fix ref leak when switching zones When switching zones or network namespaces without doing a ct clear in between, it is now leaking a reference to the old ct entry. That's because tcfctskbnfctcached returns fals...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconncount: fix leaked ct in error paths There are some situations where ct might be leaked as error paths are skipping the refcounted check and return immediately. In order to solve it make sure that the check is...