Linux Distros Unpatched Vulnerability : CVE-2026-23412

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: bpf: defer hook memory release until rcu readers are done Yiming Qian reports UaF when concurrent process is dumping hooks via nfnetlinkhooks: BUG:...

CVE-2026-23412

In the Linux kernel, the following vulnerability has been resolved: netfilter: bpf: defer hook memory release until rcu readers are done Yiming Qian reports UaF when concurrent process is dumping hooks via nfnetlinkhooks: BUG: KASAN: slab-use-after-free in nfnlhookdumpone.isra.0+0xe71/0x10f0 Read...

CVE-2026-23412 netfilter: bpf: defer hook memory release until rcu readers are done

In the Linux kernel, the following vulnerability has been resolved: netfilter: bpf: defer hook memory release until rcu readers are done Yiming Qian reports UaF when concurrent process is dumping hooks via nfnetlinkhooks: BUG: KASAN: slab-use-after-free in nfnlhookdumpone.isra.0+0xe71/0x10f0 Read...

CVE-2026-23412

The CVE-2026-23412 issue affects the Linux kernel’s netfilter/BPF path. It describes a use-after-free (UaF) in nfnetlink_hooks where a concurrent process dumps hooks, triggering a KASAN slab-use-after-free in nfnl_hook_dump_one. The root cause is deferring the release of hook memory until RCU rea...