6 matches found
netfilter: nft_ct: fix missing expect put in obj eval
...
CVE-2026-52970
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: fix missing expect put in obj eval nftctexpectobjeval allocates an expectation and may call nfctexpectrelated, but never drops its local reference. Add nfctexpectputexp before return to balance allocation...
CVE-2026-52970 netfilter: nft_ct: fix missing expect put in obj eval
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: fix missing expect put in obj eval nftctexpectobjeval allocates an expectation and may call nfctexpectrelated, but never drops its local reference. Add nfctexpectputexp before return to balance allocation...
PT-2026-51864
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the netfilter module where the nft ct expect obj eval function allocates an expectation and may call nf ct expect related, but fails to drop its local reference. This...
Untrusted Query Object Evaluation in RPC API
During the sign in and sign up operations through the SurrealDB RPC API, an arbitrary object would be accepted in order to support a wide array of types and structures that could contain user credentials. This arbitrary object could potentially contain any SurrealDB value, including an object...
GHSA-64F8-PJGR-9WMR Untrusted Query Object Evaluation in RPC API
During the sign in and sign up operations through the SurrealDB RPC API, an arbitrary object would be accepted in order to support a wide array of types and structures that could contain user credentials. This arbitrary object could potentially contain any SurrealDB value, including an object...