3 matches found
CVE-2026-43085 netfilter: nfnetlink_log: initialize nfgenmsg in NLMSG_DONE terminator
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinklog: initialize nfgenmsg in NLMSGDONE terminator When batching multiple NFLOG messages inst-qlen 1, nfulnlsend appends an NLMSGDONE terminator with sizeofstruct nfgenmsg payload via nlmsgput, but never...
CVE-2026-43085
CVE-2026-43085: In the Linux kernel, nfnetlink_log did not initialize the nfgenmsg payload when emitting NLMSG_DONE terminators while batching multiple NFLOG messages, leaking four bytes of stale heap data to userspace. The issue is fixed by using nfnl_msg_put() to build the NLMSG_DONE terminator...
Linux Distros Unpatched Vulnerability : CVE-2026-43085
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: nfnetlinklog: initialize nfgenmsg in NLMSGDONE terminator When batching multiple NFLOG messages inst-qlen 1, nfulnlsend appends an NLMSGDONE terminat...