4 matches found
SUSE CVE-2026-31428
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinklog: fix uninitialized padding leak in NFULAPAYLOAD buildpacketmessage manually constructs the NFULAPAYLOAD netlink attribute using skbput and skbcopybits, bypassing the standard nlareserve/nlaput helpers. Whi...
CVE-2026-31428
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinklog: fix uninitialized padding leak in NFULAPAYLOAD buildpacketmessage manually constructs the NFULAPAYLOAD netlink attribute using skbput and skbcopybits, bypassing the standard nlareserve/nlaput helpers. Whi...
CVE-2026-31428
CVE-2026-31428 — In the Linux kernel, nfnetlink_log’s __build_packet_message() previously built NFULA_PAYLOAD attributes manually via skb_put()/skb_copy_bits(), bypassing nla_reserve()/nla_put(). This caused trailing padding to remain uninitialized, leaking stale heap data to userspace over NFLOG...
PT-2026-32354
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw in the netfilter nfnetlink log component allows the leak of stale heap contents to userspace via the NFLOG netlink socket. The function build packet message manually constructs th...