CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7 matches found

CVE•added 2026/05/06 7:40 a.m.•9 views

CVE-2026-43114

Summary: CVE-2026-43114 involves the Linux kernel netfilter nft_set_pipapo_avx2 path. The bug arises when AVX2 matching incorrectly masks and returns a non-matching entry on expiry after a flush, causing a clashing element report. Root-cause: too-early return in AVX2 match functions, leading to o...

9.4CVSS5.8AI score0.00067EPSS

Exploits0References8Affected Software1

NVD•added 2026/03/25 11:16 a.m.•1 views

CVE-2026-23351

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: split gc into unlink and reclaim phase Yiming Qian reports Use-after-free in the pipapo set type: Under a large number of expired elements, commit-time GC can run for a very long time in a non-preemptible...

7.8CVSS0.00017EPSS

Exploits0References8

OSV•added 2024/05/01 6:15 a.m.•0 views

UBUNTU-CVE-2024-27017

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: walk over current view on netlink dump The generation mask can be updated while netlink dump is in progress. The pipapo set backend walk iterator cannot rely on it to infer what view of the datastructure ...

5.5CVSS6.2AI score0.00011EPSS

Exploits0References15

RedHat Linux•added 2024/02/28 12:36 p.m.•1 views

kernel: netfilter: use-after-free in nft_trans_gc_catchall_sync leads to privilege escalation

A use-after-free flaw was found in the netfilter subsystem of the Linux kernel. If the catchall element is garbage-collected when the pipapo set is removed, the element can be deactivated twice. This can cause a use-after-free issue on an NFTCHAIN object or NFTOBJECT object, allowing a local...

7.8CVSS7.1AI score0.00141EPSS

Exploits0References4