Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nftct: sanitize layer 3 and 4 protocol numbers in custom expectations - Disallow families other than NFPROTOIPV4,IPV6,INET. - Disallow layer 4 protocols without ports, as the destination port is a mandatory attribut...

CVE-2026-43060

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: drop pending enqueued packets on removal Packets sitting in nfqueue might hold a reference to: - templates that specify the conntrack zone, because a percpu area is used and module removal is possible. - conntra...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the nftct module not properly disposing of queued messages when it is removed, potentially leading to...

PT-2026-37063

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the netfilter nft ct component where packets remaining in the nfqueue may maintain references to conntrack timeout policies, helpers, or templates specifying the...

CVE-2026-31665

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: fix use-after-free in timeout object destroy nftcttimeoutobjdestroy frees the timeout object with kfree immediately after nfctuntimeout, without waiting for an RCU grace period. Concurrent packet processing on...

CVE-2026-31665

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: fix use-after-free in timeout object destroy nftcttimeoutobjdestroy frees the timeout object with kfree immediately after nfctuntimeout, without waiting for an RCU grace period. Concurrent packet processing on...

CVE-2026-31665 netfilter: nft_ct: fix use-after-free in timeout object destroy

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: fix use-after-free in timeout object destroy nftcttimeoutobjdestroy frees the timeout object with kfree immediately after nfctuntimeout, without waiting for an RCU grace period. Concurrent packet processing on...

CVE-2026-31665

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: fix use-after-free in timeout object destroy nftcttimeoutobjdestroy frees the timeout object with kfree immediately after nfctuntimeout, without waiting for an RCU grace period. Concurrent packet processing on...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the reuse of timeout objects after their release in nftct, potentially leading to memory corrupti...

Oracle Linux 10 / 9 : Unbreakable Enterprise kernel (ELSA-2026-50112)

The remote Oracle Linux 10 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50112 advisory. - tls: Use skdstget and dstdevrcu in getnetdevforsock. Kuniyuki Iwashima Orabug: 38649136 CVE-2025-40149 - fuse: fix runtime warning on...

Amazon Linux 2023 : bpftool6.12, kernel6.12, kernel6.12-devel (ALAS2023-2026-1423)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1423 advisory. In the Linux kernel, the following vulnerability has been resolved: net: use dstdevrcu in sksetupcaps CVE-2025-40170 In the Linux kernel, the following vulnerability has been resolved:...

The vulnerability of the nft_ct_expect_obj_eval() function in the net/netfilter/nft_ct.c component of the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the nftctexpectobjeval function in the net/netfilter/nftct.c component of the Linux operating system is related to improper checking of removed users. Exploiting this vulnerability could allow a attacker to cause service failures...

kernel: netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectations

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: sanitize layer 3 and 4 protocol number in custom expectations The Linux kernel CVE team has assigned CVE-2024-26673 to this issue. Upstream advisory:...

kernel: netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectations

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: sanitize layer 3 and 4 protocol number in custom expectations The Linux kernel CVE team has assigned CVE-2024-26673 to this issue. Upstream advisory:...