23 matches found
UBUNTU-CVE-2026-43916
pamauthnft is a PAM session module binding nftables firewall rules to...
CVE-2026-25702
A Improper Access Control vulnerability in the kernel of SUSE SUSE Linux Enterprise Server 12 SP5 breaks nftables, causing firewall rules applied via nftables to not be effective.This issue affects SUSE Linux Enterprise Server: from 9e6d9d4601768c75fdb0bad3fbbe636e748939c2 before...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987348)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987348 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv6: fix memory leak in fib6rulesuppress The kernel leaks memory when a fib rule is present in...
EUVD-2025-19114
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-52889
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incus is a system container and virtual machine manager. When using an ACL on a device connected to a bridge, Incus version 6.12 and 6.13 generates nftables rul...
GO-2025-3782 Incus creates nftables rules that partially bypass security options in github.com/lxc/incus
Incus creates nftables rules that partially bypass security options in github.com/lxc/incus...
Security Filter Bypass
github.com/lxc/incus is vulnerable to security filter bypass. The vulnerability is due to incorrect generation of nftables rules when applying ACLs on devices connected to a bridge, which allows ARP spoofing and full spoofing of another VM/container on the same bridge...
SUSE CVE-2025-52889
Incus is a system container and virtual machine manager. When using an ACL on a device connected to a bridge, Incus version 6.12 and 6.13 generates nftables rules for local services DHCP, DNS... that partially bypass security options security.macfiltering, security.ipv4filtering and...
Incus creates nftables rules that partially bypass security options
Summary When using an ACL on a device connected to a bridge, Incus generates nftables rules that partially bypass security options security.macfiltering, security.ipv4filtering and security.ipv6filtering. This can lead to ARP spoofing on the bridge and to fully spoof another VM/container on the...
GHSA-P7FW-VJJM-2RWP Incus creates nftables rules that partially bypass security options
Summary When using an ACL on a device connected to a bridge, Incus generates nftables rules that partially bypass security options security.macfiltering, security.ipv4filtering and security.ipv6filtering. This can lead to ARP spoofing on the bridge and to fully spoof another VM/container on the...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to the improper enforcement of resource limits in the nftables rules generation process for managed bridge networks. An attacker can exhaust the DHCP pool and disrupt network...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to the improper enforcement of resource limits in the nftables rules generation process for managed bridge networks. An attacker can exhaust the DHCP pool and disrupt network...
CVE-2025-52889
Incus is a system container and virtual machine manager. When using an ACL on a device connected to a bridge, Incus version 6.12 and 6.13 generates nftables rules for local services DHCP, DNS... that partially bypass security options security.macfiltering, security.ipv4filtering and...
UBUNTU-CVE-2025-52889
Incus is a system container and virtual machine manager. When using an ACL on a device connected to a bridge, Incus version 6.12 and 6.13 generates nftables rules for local services DHCP, DNS... that partially bypass security options security.macfiltering, security.ipv4filtering and...
UBUNTU-CVE-2025-52890
Incus is a system container and virtual machine manager. When using an ACL on a device connected to a bridge, Incus versions 6.12 and 6.13generates nftables rules that partially bypass security options security.macfiltering, security.ipv4filtering and security.ipv6filtering. This can lead to ARP...
CVE-2025-52890 Incus vulnerable to antispoofing nftables firewall rule bypass on bridge networks with ACLs
Incus is a system container and virtual machine manager. When using an ACL on a device connected to a bridge, Incus versions 6.12 and 6.13generates nftables rules that partially bypass security options security.macfiltering, security.ipv4filtering and security.ipv6filtering. This can lead to ARP...
CVE-2025-52890
Incus is a system container and virtual machine manager. When using an ACL on a device connected to a bridge, Incus versions 6.12 and 6.13generates nftables rules that partially bypass security options security.macfiltering, security.ipv4filtering and security.ipv6filtering. This can lead to ARP...
CVE-2025-52889
Incus (system container/VM manager) on versions 6.12–6.13 is vulnerable when an ACL on a bridge-connected device is used: nftables rules for local services can bypass security.mac_filtering, security.ipv4_filtering, and security.ipv6_filtering, enabling DHCP pool exhaustion and potential further ...
CVE-2025-52889 Incus vulnerable to DoS through antispoofing nftables firewall rule bypass on bridge networks with ACLs
Incus is a system container and virtual machine manager. When using an ACL on a device connected to a bridge, Incus version 6.12 and 6.13 generates nftables rules for local services DHCP, DNS... that partially bypass security options security.macfiltering, security.ipv4filtering and...
CVE-2025-52889
Incus is a system container and virtual machine manager. When using an ACL on a device connected to a bridge, Incus version 6.12 and 6.13 generates nftables rules for local services DHCP, DNS... that partially bypass security options security.macfiltering, security.ipv4filtering and...