307 matches found
SUSE CVE-2026-45901
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: revert commitmutex usage in reset path It causes circular lock dependency between commitmutex, nfnlsubsysipset and nlkcbmutex when nft reset, ipset list, and iptables-nft with '-m set' rule run at the same...
CVE-2026-45901
A flaw was found in the Linux kernel's netfilter nftables component. This vulnerability allows a local attacker to cause a denial of service DoS by triggering a circular lock dependency. This occurs when nft reset, ipset list, and iptables-nft with a '-m set' rule are executed concurrently, leadi...
EUVD-2026-32367
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: revert commitmutex usage in reset path It causes circular lock dependency between commitmutex, nfnlsubsysipset and nlkcbmutex when nft reset, ipset list, and iptables-nft with '-m set' rule run at the same...
CVE-2026-45901
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: revert commitmutex usage in reset path It causes circular lock dependency between commitmutex, nfnlsubsysipset and nlkcbmutex when nft reset, ipset list, and iptables-nft with '-m set' rule run at the same...
CVE-2026-45901
The CVE-2026-45901 issue is in the Linux kernel netfilter nf_tables code. A circular lock dependency can occur between commit_mutex, nfnl_subsys_ipset, and nlk_cb_mutex when nft reset, ipset list, and iptables-nft with -m set run concurrently. The problem arose after changes that had previously a...
PT-2026-43768
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf tables: revert commit mutex usage in reset path It causes circular lock dependency between commit mutex, nfnl subsys ipset and nlk cb mutex when nft reset, ipset list, and iptables-nft with '-m set' rule run at the...
Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.4-2026-124 (ALASKERNEL-5.4-2026-124)
The version of kernel installed on the remote host is prior to 5.4.302-224.473. It is, therefore, affected by a vulnerability as referenced in the ALAS2KERNEL-5.4-2026-124 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: drop logically empty buckets ...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: drop logically empty buckets in mtypedel CVE-2026-31418 PinTheft is a Linux local privilege escalation exploit for an RDS zerocopy double-free that can be turned into a page-cache overwrite throu...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: A overflow issue was addressed in the bitmapipcreate function. When firstip is 0, lastip is 0xFFFFFFFF, and the netmask is 31, the value of an arithmetic expression 2 netmask - maskbits - 1 is susceptible to...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Fixed the issue with rcudereferenceprotected. When destroying all sets, we are either in the pernetexit phase or executing a “destroy all sets” command from user space. The latter was taken into account in...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Fixed a race condition between namespace cleanup and garbage collection for the list:set type. Lion Ackermann reported that there is a race condition between namespace cleanup in ipset and garbage collection of...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021595)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021595 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Hold module reference while requesting a module User space may unload ipset.ko...
OESA-2026-2236 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: add missing netlink policy validations Hyunwoo Kim reports out-of-bounds access in sctp and ctnetlink. These attributes are used by the...
OESA-2026-2232 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, a security vulnerability exists in the IOMMU Shared Virtual Addressing SVA feature. On x86 architecture when CONFIGX86 is set, IOMMU hardware caches kernel page table entries. Due to the lack of notification...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Hold module reference while requesting a module User space may unload ipset.ko while it is itself requesting a set type backend module, leading to a kernel crash. The race condition may be provoked by inserting ...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Added the missing IPSETHASHWITHNET0 macro for ipsethashnetportnet.c. The missing IPSETHASHWITHNET0 macro in ipsethashnetportnet can lead to the use of the incorrect CIDRPOSc for calculating array offsets, which...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: A missing range check was added in bitmapipuadt. When tbIPSETATTRIPTO is not present, but tbIPSETATTRCIDR exists, the values of ip and ipto are slightly swapped. As a result, the range check for ip should be...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: fix region locking in hash types Region locking introduced in v5.6-rc4 contained three macros to handle the region locks: ahashbucketstart, ahashbucketend which gave back the start and end hash bucket values...
Astra Linux - уязвимость в linux-5.15, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Reworked the handling of long task execution when adding/ deleting entries. When adding or deleting a large number of elements in one step using ipset, it may take considerable time, and soft lockup errors can...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Enforces the documented limit to prevent excessive memory allocation. Daniel Xu reported that the hash:net,iface type of the ipset subsystem does not limit adding the same network with different interfaces to a...