32 matches found
UBUNTU-CVE-2026-45859
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: do shared-unconfirmed check before segmentation Ulrich reports a regression with nfqueue: If an application did not set the 'FGSO' capability flag and a gso packet with an unconfirmed nfconn entry is...
CVE-2026-45859
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: do shared-unconfirmed check before segmentation Ulrich reports a regression with nfqueue: If an application did not set the 'FGSO' capability flag and a gso packet with an unconfirmed nfconn entry is...
Linux Distros Unpatched Vulnerability : CVE-2026-45859
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: nfnetlinkqueue: do shared-unconfirmed check before segmentation Ulrich reports a regression with nfqueue: If an application did not set the 'FGSO'...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: dropping bogus WARN messages This issue occurs when rules are flushed/deleted while the packet is still being processed. Therefore, this WARN message needs to be removed. This warning has existed in som...
SUSE CVE-2026-43451
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: fix entry leak in bridge verdict error path nfqnlrecvverdict calls finddequeueentry to remove the queue entry from the queue data structures, taking ownership of the entry. For PFBRIDGE packets, it then...
EUVD-2026-28757
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: fix entry leak in bridge verdict error path nfqnlrecvverdict calls finddequeueentry to remove the queue entry from the queue data structures, taking ownership of the entry. For PFBRIDGE packets, it then...
UBUNTU-CVE-2026-43451
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: fix entry leak in bridge verdict error path nfqnlrecvverdict calls finddequeueentry to remove the queue entry from the queue data structures, taking ownership of the entry. For PFBRIDGE packets, it then...
CVE-2026-43451
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: fix entry leak in bridge verdict error path nfqnlrecvverdict calls finddequeueentry to remove the queue entry from the queue data structures, taking ownership of the entry. For PFBRIDGE packets, it then...
CVE-2026-43084
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: make hash table per queue Sharing a global hash table among all queues is tempting, but it can cause crash: BUG: KASAN: slab-use-after-free in nfqnlrecvverdict+0x11ac/0x15e0 nfnetlinkqueue...
PT-2026-37394
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A slab-use-after-free issue exists in the netfilter nfnetlink queue component. The problem occurs because a global hash table is shared among all queues, which can lead to a system crash...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: The ctx variable was initialized to avoid a memory allocation error. It is possible that the ctx variable in nfqnlbuildpacketmessage could be used before it is properly initialized. It is only initializ...
SUSE CVE-2023-53635
In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: fix wrong ct-timeout value struct nfconn-timeout is an interval before the conntrack confirmed. After confirmed, it becomes a timestamp. It is observed that timeout of an unconfirmed conntrack: - Set by...
AZL-76410 CVE-2023-53635 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: fix wrong ct-timeout value struct nfconn-timeout is an interval before the conntrack confirmed. After confirmed, it becomes a timestamp. It is observed that timeout of an unconfirmed conntrack: - Set by...
UBUNTU-CVE-2023-53635
In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: fix wrong ct-timeout value struct nfconn-timeout is an interval before the conntrack confirmed. After confirmed, it becomes a timestamp. It is observed that timeout of an unconfirmed conntrack: - Set by...
CVE-2023-53635 netfilter: conntrack: fix wrong ct->timeout value
In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: fix wrong ct-timeout value struct nfconn-timeout is an interval before the conntrack confirmed. After confirmed, it becomes a timestamp. It is observed that timeout of an unconfirmed conntrack: - Set by...
CVE-2023-53635 netfilter: conntrack: fix wrong ct->timeout value
In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: fix wrong ct-timeout value struct nfconn-timeout is an interval before the conntrack confirmed. After confirmed, it becomes a timestamp. It is observed that timeout of an unconfirmed conntrack: - Set by...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414381)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414381 advisory. nfqnlmangle in net/netfilter/nfnetlinkqueue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service panic because, in the case of ...
PT-2025-41079
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue was identified in the Linux kernel related to the netfilter conntrack functionality. The problem involves an incorrect timeout value for connection tracking entries ct-timeout...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-398958)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-398958 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: acquire rcureadlock in instancedestroyrcu syzbot reported that...
Linux Distros Unpatched Vulnerability : CVE-2025-22110
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: Initialize ctx to avoid memory allocation error It is possible th...