Lucene search
+L

177 matches found

debiancve
debiancve
added 2026/05/01 2:15 p.m.4 views

CVE-2026-43026

In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: zero expect NAT fields when CTAEXPECTNAT absent ctnetlinkallocexpect allocates expectations from a non-zeroing slab cache via nfctexpectalloc. When CTAEXPECTNAT is not present in the netlink message, savedad...

5.5CVSS5.7AI score0.00129EPSS
Exploits0
euvd
euvd
added 2026/05/01 2:15 p.m.11 views

EUVD-2026-26624

In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: ignore explicit helper on new expectations Use the existing master conntrack helper, anything else is not really supported and it just makes validation more complicated, so just ignore what helper userspace...

5.8AI score0.00126EPSS
Exploits0References6
cve
cve
added 2026/05/01 2:15 p.m.29 views

CVE-2026-43025

CVE-2026-43025 affects the Linux kernel netfilter component. A local attacker can trigger a slab-out-of-bounds read when creating new expectations by supplying a non-master conntrack helper, potentially enabling information disclosure from kernel memory. The issue is described across multiple sou...

7.3CVSS5.8AI score0.00126EPSS
Exploits0References8Affected Software1
attackerkb
attackerkb
added 2026/05/01 2:15 p.m.4 views

CVE-2026-43025

In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: ignore explicit helper on new expectations Use the existing master conntrack helper, anything else is not really supported and it just makes validation more complicated, so just ignore what helper userspace...

5.8AI score0.00126EPSS
Exploits0References7Affected Software1
debiancve
debiancve
added 2026/05/01 2:15 p.m.4 views

CVE-2026-43025

In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: ignore explicit helper on new expectations Use the existing master conntrack helper, anything else is not really supported and it just makes validation more complicated, so just ignore what helper userspace...

7.3CVSS5.7AI score0.00126EPSS
Exploits0
cvelist
cvelist
added 2026/05/01 2:15 p.m.37 views

CVE-2026-43026 netfilter: ctnetlink: zero expect NAT fields when CTA_EXPECT_NAT absent

In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: zero expect NAT fields when CTAEXPECTNAT absent ctnetlinkallocexpect allocates expectations from a non-zeroing slab cache via nfctexpectalloc. When CTAEXPECTNAT is not present in the netlink message, savedad...

0.00129EPSS
Exploits0References8
cvelist
cvelist
added 2026/05/01 2:15 p.m.38 views

CVE-2026-43025 netfilter: ctnetlink: ignore explicit helper on new expectations

In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: ignore explicit helper on new expectations Use the existing master conntrack helper, anything else is not really supported and it just makes validation more complicated, so just ignore what helper userspace...

7.3CVSS0.00126EPSS
Exploits0References6
cnnvd
cnnvd
added 2026/05/01 12:0 a.m.8 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the failure to clear the Expected NAT field in netfilter ctnetlink when CTAEXPECTNAT does not exist, which...

5.5CVSS5.8AI score0.00129EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/05/01 12:0 a.m.10 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an explicit helper in netfilter ctnetlink that does not ignore new expectations, which could lead to...

7.3CVSS5.8AI score0.00126EPSS
Exploits0References1
amazon
amazon
added 2026/04/30 12:0 a.m.13 views

Important: kernel6.12

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: remove refcounting in expectation dumpers CVE-2025-39764 In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU in ip6xmit CVE-2025-40135 In the Linux kernel, the...

9.8CVSS6.1AI score0.00591EPSS
Exploits2
mscve
mscve
added 2026/04/23 8:7 a.m.8 views

netfilter: ctnetlink: use netlink policy range checks

...

5.5CVSS5.2AI score0.00129EPSS
Exploits0
susecve
susecve
added 2026/04/23 1:25 a.m.7 views

SUSE CVE-2026-31495

In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: use netlink policy range checks Replace manual range and mask validations with netlink policy annotations in ctnetlink code paths, so that the netlink core rejects invalid values early and can generate extac...

5.5CVSS5.7AI score0.00129EPSS
Exploits0References12
redhatcve
redhatcve
added 2026/04/22 7:20 p.m.10 views

CVE-2026-31495

A flaw was found in the Linux kernel's netfilter connection tracking ctnetlink component. This vulnerability, related to improper input validation, allows an attacker to provide malformed netlink policy attributes. Specifically, invalid values for TCP window scaling WSCALE could lead to undefined...

5.5CVSS5.7AI score0.00129EPSS
Exploits0References4
euvd
euvd
added 2026/04/22 3:31 p.m.8 views

EUVD-2026-24867

In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: use netlink policy range checks Replace manual range and mask validations with netlink policy annotations in ctnetlink code paths, so that the netlink core rejects invalid values early and can generate extac...

5.7AI score0.00129EPSS
Exploits0References9
nvd
nvd
added 2026/04/22 2:16 p.m.5 views

CVE-2026-31495

In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: use netlink policy range checks Replace manual range and mask validations with netlink policy annotations in ctnetlink code paths, so that the netlink core rejects invalid values early and can generate extac...

5.5CVSS0.00129EPSS
Exploits0References10
cve
cve
added 2026/04/22 1:54 p.m.29 views

CVE-2026-31495

The CVE-2026-31495 entry concerns the Linux kernel’s netfilter ctnetlink path. The issue stems from missing netlink policy range checks, allowing invalid values to slip through due to manual range validation in CTA_PROTOINFO_TCP_STATE, WSCALE, and related flags. The documented impact notes that c...

5.5CVSS5.7AI score0.00129EPSS
Exploits0References10Affected Software1
osv
osv
added 2026/04/22 1:54 p.m.2 views

CVE-2026-31495 netfilter: ctnetlink: use netlink policy range checks

In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: use netlink policy range checks Replace manual range and mask validations with netlink policy annotations in ctnetlink code paths, so that the netlink core rejects invalid values early and can generate extac...

5.5CVSS5.9AI score0.00129EPSS
Exploits0References13
cvelist
cvelist
added 2026/04/22 1:54 p.m.37 views

CVE-2026-31495 netfilter: ctnetlink: use netlink policy range checks

In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: use netlink policy range checks Replace manual range and mask validations with netlink policy annotations in ctnetlink code paths, so that the netlink core rejects invalid values early and can generate extac...

0.00129EPSS
Exploits0References8
cnnvd
cnnvd
added 2026/04/22 12:0 a.m.9 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of a netlink policy scope check in ctnetlink. This vulnerability may lead to undefined behavio...

5.5CVSS5.8AI score0.00129EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/04/22 12:0 a.m.9 views

PT-2026-34400

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the netfilter ctnetlink component where manual range and mask validations are used instead of netlink policy annotations. This can lead to undefined behavior when the...

5.5CVSS5.8AI score0.00129EPSS
Exploits0
Rows per page
Query Builder