51 matches found
CVE-2026-45859
A flaw was found in the Linux kernel's netfilter nfnetlinkqueue component. This vulnerability occurs when an application does not set the FGSO capability flag and a Generic Segmentation Offload GSO packet with an unconfirmed netfilter connection nfconn entry is received. Due to an incorrect order...
EUVD-2026-32325
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: do shared-unconfirmed check before segmentation Ulrich reports a regression with nfqueue: If an application did not set the 'FGSO' capability flag and a gso packet with an unconfirmed nfconn entry is...
CVE-2026-45859
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: do shared-unconfirmed check before segmentation Ulrich reports a regression with nfqueue: If an application did not set the 'FGSO' capability flag and a gso packet with an unconfirmed nfconn entry is...
CVE-2026-45859
The CVE-2026-45859 entry describes a Linux kernel netfilter nfnetlink_queue issue where a shared-unconfirmed nf_conn entry is not checked before segmentation, causing UDP packets to be dropped instead of queued when F_GSO is not set and a GSO packet arrives. The regression arose due to the check ...
CVE-2026-45859 netfilter: nfnetlink_queue: do shared-unconfirmed check before segmentation
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: do shared-unconfirmed check before segmentation Ulrich reports a regression with nfqueue: If an application did not set the 'FGSO' capability flag and a gso packet with an unconfirmed nfconn entry is...
CVE-2026-45859
netfilter: nfnetlinkqueue: do shared-unconfirmed check before segmentation...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the netfilter nfnetlinkqueue module failing to properly check shared unconfirmed connections befo...
CVE-2026-43451
A flaw was found in the Linux kernel's netfilter component. A remote attacker can exploit this by sending specially crafted network packets that cause an error during VLAN attribute parsing in the nfnetlinkqueue module. This leads to a memory leak, where kernel memory is not properly released...
CVE-2026-43451
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: fix entry leak in bridge verdict error path nfqnlrecvverdict calls finddequeueentry to remove the queue entry from the queue data structures, taking ownership of the entry. For PFBRIDGE packets, it then...
CVE-2026-43451
Summary of CVE-2026-43451 (Linux kernel): The nfnetlink_queue entry leak occurs in the bridge verdict error path. When nfqnl_recv_verdict() dequeues an entry for PF_BRIDGE packets and nfqa_parse_bridge() returns an error (for example VLAN TCI missing when VLAN is present), the code returns withou...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, caused by an error in the bridge decision-making process in the netfilter nfnetlinkqueue module. This issue may le...
SUSE CVE-2026-43084
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: make hash table per queue Sharing a global hash table among all queues is tempting, but it can cause crash: BUG: KASAN: slab-use-after-free in nfqnlrecvverdict+0x11ac/0x15e0 nfnetlinkqueue...
CVE-2026-43084
A flaw was found in the Linux kernel's netfilter component. This vulnerability, a use-after-free, occurs due to the sharing of a global hash table among all queues in nfnetlinkqueue. This allows a parallel CPU to access a nfqueueentry after it has been freed, leading to a system crash and a Denia...
EUVD-2026-27578
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: make hash table per queue Sharing a global hash table among all queues is tempting, but it can cause crash: BUG: KASAN: slab-use-after-free in nfqnlrecvverdict+0x11ac/0x15e0 nfnetlinkqueue...
CVE-2026-43084 netfilter: nfnetlink_queue: make hash table per queue
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: make hash table per queue Sharing a global hash table among all queues is tempting, but it can cause crash: BUG: KASAN: slab-use-after-free in nfqnlrecvverdict+0x11ac/0x15e0 nfnetlinkqueue...
CVE-2026-43084
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: make hash table per queue Sharing a global hash table among all queues is tempting, but it can cause crash: BUG: KASAN: slab-use-after-free in nfqnlrecvverdict+0x11ac/0x15e0 nfnetlinkqueue...
CVE-2026-43084
CVE-2026-43084 affects the Linux kernel netfilter nfnetlink_queue. The vulnerability stems from sharing a global hash table across all queues, allowing a parallel CPU to access a nf_queue_entry after it has been freed, causing a slab-use-after-free (KASAN) and potential crash/DoS. The fix is to m...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of a global hash table in the nfnetlinkqueue module. This vulnerability may lead to reuse...
Siemens SIMATIC Devices Improper Validation of Specified Type of Input (CVE-2024-36286)
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: acquire rcureadlock in instancedestroyrcu. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...
Linux Distros Unpatched Vulnerability : CVE-2024-41043
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: drop bogus WARNON Happens when rules get flushed/deleted while...