Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001687)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001687 advisory. A flaw was found in the Linux kernel in net/netfilter/nftablescore.c:nftdochain, which can cause a use-after-free. This issue needs to handle 'return' with proper...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989250)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989250 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: initialize registers in nftdochain Initialize registers to avoid stack leak...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414495)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414495 advisory. A flaw was found in the Linux kernel in net/netfilter/nftablescore.c:nftdochain, which can cause a use-after-free. This issue needs to handle 'return' with proper...

SUSE CVE-2022-49293

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: initialize registers in nftdochain Initialize registers to avoid stack leak into userspace...

DEBIAN-CVE-2022-49293

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: initialize registers in nftdochain Initialize registers to avoid stack leak into userspace...

UBUNTU-CVE-2022-49293

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: initialize registers in nftdochain Initialize registers to avoid stack leak into userspace...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from registers not being initialized in the nftdochain function...

CVE-2024-47685

In the Linux kernel, CVE-2024-47685 patches nf_reject_ipv6: nf_reject_ip6_tcphdr_put() could push garbage into the four reserved TCP bits (th->res1) per KMSAN. The fix clears the entire TCP header using skb_put_zero(), aligning with nf_reject_ip_tcphdr_put(). Connected Astra Linux bulletin rep...

kernel: uninitialized registers on stack in nft_do_chain can cause kernel pointer leakage to UM

A flaw was found in the Linux kernel in net/netfilter/nftablescore.c:nftdochain, which can cause a use-after-free. This issue needs to handle 'return' with proper preconditions, as it can lead to a kernel information leak problem caused by a local, unprivileged attacker...

Denial Of Service (DoS)

linux is vulnerable to Denial Of Service DoS. The vulnerability exists due to the nftdochain routine in net/netfilter/nftablescore.c which does not initialize the register data that nftables expressions can read from and write to, allowing an attacker to determine the register data and proceed to...

GSD-2022-1002517 netfilter: nf_tables: initialize registers in nft_do_chain()

netfilter: nftables: initialize registers in nftdochain This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.309 by commit...

GSD-2022-1002458 netfilter: nf_tables: initialize registers in nft_do_chain()

netfilter: nftables: initialize registers in nftdochain This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.274 by commit...

GSD-2022-1002382 netfilter: nf_tables: initialize registers in nft_do_chain()

netfilter: nftables: initialize registers in nftdochain This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.237 by commit...

GSD-2022-1002287 netfilter: nf_tables: initialize registers in nft_do_chain()

netfilter: nftables: initialize registers in nftdochain This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.188 by commit...

GSD-2022-1001942 netfilter: nf_tables: initialize registers in nft_do_chain()

netfilter: nftables: initialize registers in nftdochain This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.32 by commit...