Lucene search
K

469 matches found

RedhatCVE
RedhatCVE
added 2026/06/26 9:44 a.m.6 views

CVE-2026-53269

A flaw was found in the Linux kernel's netfilter synproxy component. This vulnerability is caused by a race condition during the on-demand registration of netfilter hooks. A local user with privileges to modify netfilter rules could exploit this flaw by concurrently adding iptables targets or...

5.5CVSS5.8AI score0.00119EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.5 views

Siemens RUGGEDCOM RST2428P Improper Input Validation (CVE-2026-23111)

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: fix inverted genmask check in nftmapcatchallactivate nftmapcatchallactivate has an inverted element activity check compared to its non-catchall counterpart nftmapelemactivate and compared to what is logically...

7.8CVSS6.1AI score0.00344EPSS
Exploits7References3
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.37 views

Fedora 44 : tailscale (2026-07897c0238)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-07897c0238 advisory. - update to 1.98.4 - Allow nftables to satisfy firewall dependency in lieu of iptables rhbz2453924 - Fix 45s timeout on shutdowns in certain cases...

5CVSS5.7AI score0.00153EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.11 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nftables: clone set element expression template The memcpy function breaks when using connlimit in set elements. Use nftexprclone to initialize the connlimit expression list; otherwise, the connlimit garbage collect...

5.5CVSS5.6AI score0.00232EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: avoid overflows in nfthashbuckets The number of buckets being stored in 32-bit variables requires ensuring that no overflows occur in nfthashbuckets. syzbot injected a size == 0x40000000 and reported: UBSAN:...

7.1CVSS6.1AI score0.0026EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Netfilter: nftables: exthdr: fixed a 4-byte OOB write issue. If priv-len is a multiple of 4, then dstlen / 4 can write beyond the destination array, leading to stack corruption. This fix is necessary to handle the remainder of th...

7.1CVSS6.2AI score0.00675EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix memory leak in fib6rulesuppress The kernel causes a memory leak when a fib rule is present in IPv6 nftables firewall rules, and when a suppressprefix rule is present in IPv6 routing rules used by certain tools such as...

5.5CVSS5.9AI score0.00222EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-6.1, Linux-5.15

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables – Failure to set the dormant flag on the hook register We need to set the dormant flag again if we fail to register the hooks. During memory pressure, hook registration may fail, resulting in a table being...

5.5CVSS5.3AI score0.00227EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

Linux Kernel nftables: Vulnerability involving local privilege escalation after free operations; nftchainlookupbyid fails to check whether a chain is active, and CAPNETADMIN is present in any user or network namespace...

7.8CVSS6.5AI score0.0205EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

Linux Kernel nftables Out-of-bounds Read/Write Vulnerability; nftbyteorder improperly handles the contents of VM registers when CAPNETADMIN is present in any user or network namespace...

7.8CVSS6.7AI score0.01508EPSS
Exploits2References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

A use-after-free vulnerability in the Linux kernel’s netfilter:nftables component can be exploited to achieve local privilege escalation. When an error occurs during the creation of a nftables rule, deactivating immediate expressions in nftimmediatedeactivate can cause the chain to be unbound,...

7.8CVSS6.7AI score0.00285EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net: flowdissector: Use DEBUGNETWARNONONCE. The following issue is easy to reproduce both upstream and in the -stable kernels. Florian Westphal provided the following commit: d1dab4f71d37 “net: add and use skbgethashsymmetricnet"...

5.5CVSS6.3AI score0.0021EPSS
Exploits0References2
OSV
OSV
added 2026/05/13 12:0 a.m.8 views

UBUNTU-CVE-2026-43916

pamauthnft is a PAM session module binding nftables firewall rules to...

8.7CVSS5.8AI score0.00263EPSS
Exploits0References2
NVD
NVD
added 2026/05/12 2:17 p.m.14 views

CVE-2026-43916

pamauthnft is a PAM session module binding nftables firewall rules to authenticated sessions via cgroupv2 inodes. Prior to 0.2.0-alpha, a heap buffer over-read in peerlookuptcp src/peerlookup.c:134, prior to the fix allowed a crafted NETLINKSOCKDIAG reply to slip past the message-size check, then...

8.7CVSS0.00263EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/05/12 2:17 p.m.12 views

CVE-2026-43916

pamauthnft is a PAM session module binding nftables firewall rules to authenticated sessions via cgroupv2 inodes. Prior to 0.2.0-alpha, a heap buffer over-read in peerlookuptcp src/peerlookup.c:134, prior to the fix allowed a crafted NETLINKSOCKDIAG reply to slip past the message-size check, then...

8.7CVSS5.8AI score0.00263EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/12 1:31 p.m.12 views

EUVD-2026-29474

pamauthnft is a PAM session module binding nftables firewall rules to authenticated sessions via cgroupv2 inodes. Prior to 0.2.0-alpha, a heap buffer over-read in peerlookuptcp src/peerlookup.c:134, prior to the fix allowed a crafted NETLINKSOCKDIAG reply to slip past the message-size check, then...

8.7CVSS5.9AI score0.00263EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.19 views

PT-2026-40031

pam authnft is a PAM session module binding nftables firewall rules to authenticated sessions via cgroupv2 inodes. Prior to 0.2.0-alpha, a heap buffer over-read in peer lookup tcp src/peer lookup.c:134, prior to the fix allowed a crafted NETLINK SOCK DIAG reply to slip past the message-size check...

8.7CVSS5.9AI score0.00263EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/05 1:45 a.m.17 views

SUSE CVE-2026-43024

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: reject immediate NFQUEUE verdict nftqueue is always used from userspace nftables to deliver the NFQUEUE verdict. Immediately emitting an NFQUEUE verdict is never used by the userspace nft tools, so reject...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References13
Cvelist
Cvelist
added 2026/05/01 2:15 p.m.32 views

CVE-2026-43024 netfilter: nf_tables: reject immediate NF_QUEUE verdict

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: reject immediate NFQUEUE verdict nftqueue is always used from userspace nftables to deliver the NFQUEUE verdict. Immediately emitting an NFQUEUE verdict is never used by the userspace nft tools, so reject...

0.00123EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/04/22 5:52 p.m.9 views

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.8CVSS5.7AI score0.00812EPSS
Exploits1References4
Rows per page
Query Builder