Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetrbtree: skip end interval element from gc Lazy garbage collection for rbtree during insertions may collect end interval elements that have just been added during these transactions. These elements are skipped, as...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nftsetrbtree: Fixed an issue with overlapping expiration walks. The lazy garbage collection during insertion, which should remove entries when the timeout occurs, fails to properly release the remaining part of the...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013782)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013782 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetrbtree: skip end interval element from gc rbtree lazy gc on insert might collect...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011402)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011402 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetrbtree: skip end interval element from gc rbtree lazy gc on insert might collect...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013371)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013371 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetrbtree: skip end interval element from gc rbtree lazy gc on insert might collect...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993067)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993067 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetrbtree: fix overlap expiration walk The lazy gc on insert that should remove...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992439)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992439 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetrbtree: fix overlap expiration walk The lazy gc on insert that should remove...

SUSE CVE-2023-53304

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetrbtree: fix overlap expiration walk The lazy gc on insert that should remove timed-out entries fails to release the other half of the interval, if any. Can be reproduced with...

CVE-2023-53304

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetrbtree: fix overlap expiration walk The lazy gc on insert that should remove timed-out entries fails to release the other half of the interval, if any. Can be reproduced with...

CVE-2023-53304

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetrbtree: fix overlap expiration walk The lazy gc on insert that should remove timed-out entries fails to release the other half of the interval, if any. Can be reproduced with...

DEBIAN-CVE-2023-53304

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetrbtree: fix overlap expiration walk The lazy gc on insert that should remove timed-out entries fails to release the other half of the interval, if any. Can be reproduced with...

UBUNTU-CVE-2023-53304

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetrbtree: fix overlap expiration walk The lazy gc on insert that should remove timed-out entries fails to release the other half of the interval, if any. Can be reproduced with...

CVE-2023-53304 netfilter: nft_set_rbtree: fix overlap expiration walk

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetrbtree: fix overlap expiration walk The lazy gc on insert that should remove timed-out entries fails to release the other half of the interval, if any. Can be reproduced with...

CVE-2023-53304

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetrbtree: fix overlap expiration walk The lazy gc on insert that should remove timed-out entries fails to release the other half of the interval, if any. Can be reproduced with...

CVE-2023-53304

CVE-2023-53304 concerns the Linux kernel netfilter nft_set_rbtree code. The advisory describes three concrete issues resolved by patching: 1) a lazy garbage-collection on insert that may fail to release the other half of an interval, impacting interval timing expiration walks; 2) incorrect use of...

CVE-2023-53304 netfilter: nft_set_rbtree: fix overlap expiration walk

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetrbtree: fix overlap expiration walk The lazy gc on insert that should remove timed-out entries fails to release the other half of the interval, if any. Can be reproduced with...

kernel: nftables: nft_set_rbtree skip end interval element from gc

A flaw was found in the Linux kernel’s Netfilter subsystem. This issue occurs in the nftsetrbtree. rbtree lazy gc on insert, which might collect an end interval element just added in a transaction and skip the end interval elements not yet active...

kernel: nftables: nft_set_rbtree skip end interval element from gc

A flaw was found in the Linux kernel’s Netfilter subsystem. This issue occurs in the nftsetrbtree. rbtree lazy gc on insert, which might collect an end interval element just added in a transaction and skip the end interval elements not yet active...

netfilter: nft_set_rbtree: skip end interval element from gc

...

AZL-35451 CVE-2024-26581 affecting package hyperv-daemons for versions less than 5.15.153.1-1

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetrbtree: skip end interval element from gc rbtree lazy gc on insert might collect an end interval element that has been just added in this transactions, skip end interval elements that are not yet active...