Lucene search
K

897 matches found

OSV
OSV
added 2026/06/29 11:50 a.m.8 views

PYSEC-2026-431 OpenStack Neutron allows remote attackers to bypass an intended ICMPv6-spoofing protection mechanism

The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended ICMPv6-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via a link-local source address...

9.1CVSS7AI score0.04248EPSS
Exploits1References13
RedhatCVE
RedhatCVE
added 2026/06/26 9:44 a.m.6 views

CVE-2026-53269

A flaw was found in the Linux kernel's netfilter synproxy component. This vulnerability is caused by a race condition during the on-demand registration of netfilter hooks. A local user with privileges to modify netfilter rules could exploit this flaw by concurrently adding iptables targets or...

5.5CVSS5.8AI score0.00119EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux

A issue was discovered in netfilter within the Linux kernel before version 5.10. There may be a use-after-free situation in the packet processing context, as the per-CPU sequence count is mishandled during concurrent iptables rule replacements. This vulnerability could be exploited with the...

6.7CVSS6.6AI score0.00444EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux

A flaw was discovered in the Linux kernel’s implementation of string matching within packets. A privileged user with root or CAPNETADMIN status can insert rules into iptables, and this action may cause the system to panic. The issue affects kernels prior to version 5.5-rc1...

4.4CVSS6.7AI score0.00277EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in iptables

A buffer overflow in iptables-restore within netfilter iptables version 1.8.2 allows an attacker to at least cause the program to crash or potentially gain control of the system through a specially crafted iptables-save file. This issue is related to the addparamtoargv function in xshared.c...

4.2CVSS6.9AI score0.01809EPSS
Exploits1References1
SUSE CVE
SUSE CVE
added 2026/05/28 3:56 a.m.27 views

SUSE CVE-2026-45901

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: revert commitmutex usage in reset path It causes circular lock dependency between commitmutex, nfnlsubsysipset and nlkcbmutex when nft reset, ipset list, and iptables-nft with '-m set' rule run at the same...

5.5CVSS5.8AI score0.00137EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/28 3:0 a.m.11 views

CVE-2026-45901

A flaw was found in the Linux kernel's netfilter nftables component. This vulnerability allows a local attacker to cause a denial of service DoS by triggering a circular lock dependency. This occurs when nft reset, ipset list, and iptables-nft with a '-m set' rule are executed concurrently, leadi...

5.5CVSS5.8AI score0.00137EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/27 3:33 p.m.13 views

EUVD-2026-32367

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: revert commitmutex usage in reset path It causes circular lock dependency between commitmutex, nfnlsubsysipset and nlkcbmutex when nft reset, ipset list, and iptables-nft with '-m set' rule run at the same...

5.8AI score0.00137EPSS
Exploits0References3
NVD
NVD
added 2026/05/27 2:17 p.m.16 views

CVE-2026-45901

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: revert commitmutex usage in reset path It causes circular lock dependency between commitmutex, nfnlsubsysipset and nlkcbmutex when nft reset, ipset list, and iptables-nft with '-m set' rule run at the same...

5.5CVSS0.00137EPSS
Exploits0References2
CVE
CVE
added 2026/05/27 12:17 p.m.26 views

CVE-2026-45901

The CVE-2026-45901 issue affects the Linux kernel netfilter nf_tables implementation. The root cause is a circular lock dependency among commit_mutex, nfnl_subsys_ipset, and nlk_cb_mutex that can occur when nft reset, ipset list, and iptables-nft with a -m set rule run concurrently, potentially l...

5.5CVSS5.8AI score0.00137EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.12 views

PT-2026-43768

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A circular lock dependency exists within the netfilter nf tables component. This issue occurs when nft reset, ipset list, and iptables-nft with the -m set rule are executed simultaneousl...

5.5CVSS5.4AI score0.00137EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-45901

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: nftables: revert commitmutex usage in reset path It causes circular lock dependency between commitmutex, nfnlsubsysipset and nlkcbmutex when nft rese...

5.5CVSS6AI score0.00137EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in docker.io-app

Moby is an open-source container framework developed by Docker Inc., distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. A firewalld vulnerability affects Moby versions prior to 28.0.0. When firewalld is reloaded, Docker fails to recreate...

5.2CVSS6.5AI score0.00152EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in docker.io

Moby is an open-source container framework developed by Docker Inc., distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component, dockerd, which was originally developed as “moby/moby”, is commonly referred to as Docker. Swarm Mode ...

8.7CVSS7AI score0.02733EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: netfilter: iptables: Fixed null-ptr-deref in iptablenattableinit. We received a report that iptables-restore sometimes triggered null-ptr-deref at boot time. 0 The problem is that iptablenattableinit is exposed to user space befo...

5.5CVSS6.4AI score0.00226EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2026/02/27 3:33 p.m.10 views

Malicious Go Crypto Module Steals Passwords, Deploys Rekoobe Backdoor

Cybersecurity researchers have disclosed details of a malicious Go module that's designed to harvest passwords, create persistent access via SSH, and deliver a Linux backdoor named Rekoobe. The Go module, github.com/xinfeisoft/crypto, impersonates the legitimate "golang.org/x/crypto" codebase, bu...

6.2AI score
Exploits0
AstraLinux
AstraLinux
added 2026/01/27 5:1 a.m.6 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: netfilter: socket: Lookup orig tuple for IPv6 SNAT The nfsklookupslowv4 function performs the conntrack lookup for IPv4 packets in order to restore the original 5-tuple in case of SNAT, so that the correct socket if any can be...

5.5CVSS6.4AI score0.00172EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/27 12:0 a.m.5 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005047)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005047 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: validate user input for expected length I got multiple syzbot reports showing old bugs...

7.1CVSS6.6AI score0.00227EPSS
Exploits0References3
Broadcom
Broadcom
added 2026/01/27 12:0 a.m.21 views

use-after-free and memory corruption

The tcpmssmanglepacket function in net/netfilter/xtTCPMSS. c in the Linux kernel before 4.11, and 4.9. x before 4.9. 36, allows remote attackers to cause a denial of service use-after-free and memory corruption or possibly have unspecified other impact by leveraging the presence of xtTCPMSS in an...

9.8CVSS7.3AI score0.52841EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2026/01/23 4:15 p.m.6 views

CVE-2025-71160

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: avoid chain re-validation if possible Hamza Mahfooz reports cpu soft lock-ups in nftchainvalidate: watchdog: BUG: soft lockup - CPU1 stuck for 27s! iptables-nft-re:37547 .. RIP: 0010:nftchainvalidate+0xcb/0x1...

5.5CVSS5.7AI score0.00164EPSS
Exploits0References12
Rows per page
Query Builder