900 matches found
OpenStack Neutron Improper Input Validation vulnerability
OpenStack Neutron before 2014.2.4 juno and 2015.1.x before 2015.1.1 kilo, when using the IPTables firewall driver, allows remote authenticated users to cause a denial of service L2 agent crash by adding an address pair that is rejected by the ipset tool...
PYSEC-2026-856 OpenStack Neutron Improper Input Validation vulnerability
OpenStack Neutron before 2014.2.4 juno and 2015.1.x before 2015.1.1 kilo, when using the IPTables firewall driver, allows remote authenticated users to cause a denial of service L2 agent crash by adding an address pair that is rejected by the ipset tool...
PYSEC-2026-431 OpenStack Neutron allows remote attackers to bypass an intended ICMPv6-spoofing protection mechanism
The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended ICMPv6-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via a link-local source address...
CVE-2026-53269
A flaw was found in the Linux kernel's netfilter synproxy component. This vulnerability is caused by a race condition during the on-demand registration of netfilter hooks. A local user with privileges to modify netfilter rules could exploit this flaw by concurrently adding iptables targets or...
Astra Linux – Vulnerability in iptables
A buffer overflow in iptables-restore within netfilter iptables version 1.8.2 allows an attacker to at least cause the program to crash or potentially gain control of the system through a specially crafted iptables-save file. This issue is related to the addparamtoargv function in xshared.c...
Astra Linux – Vulnerability in Linux
A flaw was discovered in the Linux kernel’s implementation of string matching within packets. A privileged user with root or CAPNETADMIN status can insert rules into iptables, and this action may cause the system to panic. The issue affects kernels prior to version 5.5-rc1...
Astra Linux – Vulnerability in Linux
A issue was discovered in netfilter within the Linux kernel before version 5.10. There may be a use-after-free situation in the packet processing context, as the per-CPU sequence count is mishandled during concurrent iptables rule replacements. This vulnerability could be exploited with the...
SUSE CVE-2026-45901
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: revert commitmutex usage in reset path It causes circular lock dependency between commitmutex, nfnlsubsysipset and nlkcbmutex when nft reset, ipset list, and iptables-nft with '-m set' rule run at the same...
CVE-2026-45901
A flaw was found in the Linux kernel's netfilter nftables component. This vulnerability allows a local attacker to cause a denial of service DoS by triggering a circular lock dependency. This occurs when nft reset, ipset list, and iptables-nft with a '-m set' rule are executed concurrently, leadi...
EUVD-2026-32367
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: revert commitmutex usage in reset path It causes circular lock dependency between commitmutex, nfnlsubsysipset and nlkcbmutex when nft reset, ipset list, and iptables-nft with '-m set' rule run at the same...
CVE-2026-45901
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: revert commitmutex usage in reset path It causes circular lock dependency between commitmutex, nfnlsubsysipset and nlkcbmutex when nft reset, ipset list, and iptables-nft with '-m set' rule run at the same...
CVE-2026-45901
The CVE-2026-45901 issue affects the Linux kernel netfilter nf_tables implementation. The root cause is a circular lock dependency among commit_mutex, nfnl_subsys_ipset, and nlk_cb_mutex that can occur when nft reset, ipset list, and iptables-nft with a -m set rule run concurrently, potentially l...
CVE-2026-45901 netfilter: nf_tables: revert commit_mutex usage in reset path
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: revert commitmutex usage in reset path It causes circular lock dependency between commitmutex, nfnlsubsysipset and nlkcbmutex when nft reset, ipset list, and iptables-nft with '-m set' rule run at the same...
Linux Distros Unpatched Vulnerability : CVE-2026-45901
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: nftables: revert commitmutex usage in reset path It causes circular lock dependency between commitmutex, nfnlsubsysipset and nlkcbmutex when nft rese...
PT-2026-43768
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A circular lock dependency exists within the netfilter nf tables component. This issue occurs when nft reset, ipset list, and iptables-nft with the -m set rule are executed simultaneousl...
Astra Linux – Vulnerability in docker.io-app
Moby is an open-source container framework developed by Docker Inc., distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. A firewalld vulnerability affects Moby versions prior to 28.0.0. When firewalld is reloaded, Docker fails to recreate...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: iptables: Fixed null-ptr-deref in iptablenattableinit. We received a report that iptables-restore sometimes triggered null-ptr-deref at boot time. 0 The problem is that iptablenattableinit is exposed to user space befo...
Astra Linux – Vulnerability in docker.io
Moby is an open-source container framework developed by Docker Inc., distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component, dockerd, which was originally developed as “moby/moby”, is commonly referred to as Docker. Swarm Mode ...
Malicious Go Crypto Module Steals Passwords, Deploys Rekoobe Backdoor
Cybersecurity researchers have disclosed details of a malicious Go module that's designed to harvest passwords, create persistent access via SSH, and deliver a Linux backdoor named Rekoobe. The Go module, github.com/xinfeisoft/crypto, impersonates the legitimate "golang.org/x/crypto" codebase, bu...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: socket: Lookup orig tuple for IPv6 SNAT The nfsklookupslowv4 function performs the conntrack lookup for IPv4 packets in order to restore the original 5-tuple in case of SNAT, so that the correct socket if any can be...