13 matches found
EUVD-2026-35414
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: use listdelrcu for netlink hooks nftnetdevunregisterhooks and nftunregisterflowtablenethooks need to use listdelrcu, this list can be walked by concurrent dumpers. Add a new helper and use it consistently...
CVE-2026-46324 netfilter: nf_tables: use list_del_rcu for netlink hooks
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: use listdelrcu for netlink hooks nftnetdevunregisterhooks and nftunregisterflowtablenethooks need to use listdelrcu, this list can be walked by concurrent dumpers. Add a new helper and use it consistently...
CVE-2026-46324
CVE-2026-46324 concerns the Linux kernel’s nf_tables netlink hook handling. The vuln is fixed by replacing use of list_del_rcu() for nft_netdev_unregister_hooks and __nft_unregister_flowtable_net_hooks to prevent concurrent dumpers from walking the list while it’s modified. A new helper was added...
PT-2026-47761
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the netfilter nf tables component where the functions nft netdev unregister hooks and nft unregister flowtable net hooks fail to use list del rcu. This is problematic...
EUVD-2025-28948
Malicious code in bioql PyPI...
netfilter: ctnetlink: remove refcounting in expectation dumpers
...
CVE-2025-39764
In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: remove refcounting in expectation dumpers Same pattern as previous patch: do not keep the expectation object alive via refcount, only store a cookie value and then use that as the skip hint for dump...
AZL-67160 CVE-2025-39764 affecting package kernel 6.6.126.1-1
In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: remove refcounting in expectation dumpers Same pattern as previous patch: do not keep the expectation object alive via refcount, only store a cookie value and then use that as the skip hint for dump...
AZL-70828 CVE-2025-39764 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: remove refcounting in expectation dumpers Same pattern as previous patch: do not keep the expectation object alive via refcount, only store a cookie value and then use that as the skip hint for dump...
DEBIAN-CVE-2025-39764
In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: remove refcounting in expectation dumpers Same pattern as previous patch: do not keep the expectation object alive via refcount, only store a cookie value and then use that as the skip hint for dump...
CVE-2025-39764 netfilter: ctnetlink: remove refcounting in expectation dumpers
In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: remove refcounting in expectation dumpers Same pattern as previous patch: do not keep the expectation object alive via refcount, only store a cookie value and then use that as the skip hint for dump...
CVE-2025-39764 netfilter: ctnetlink: remove refcounting in expectation dumpers
In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: remove refcounting in expectation dumpers Same pattern as previous patch: do not keep the expectation object alive via refcount, only store a cookie value and then use that as the skip hint for dump...
PT-2025-37222
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The netfilter component in the Linux kernel contains an issue in the ctnetlink module related to expectation dumpers. A flaw exists where the refcount of an expectation object may be...