netfilter: conntrack: add missing netlink policy validations

...

SUSE CVE-2026-31407

In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: add missing netlink policy validations Hyunwoo Kim reports out-of-bounds access in sctp and ctnetlink. These attributes are used by the kernel without any validation. Extend the netlink policies accordingly...

CVE-2026-31407

The CVE-2026-31407 entry covers a Linux kernel netfilter conntrack issue where missing netlink policy validations allow a local attacker to craft input that can cause a slab-out-of-bounds access in sctp/ctnetlink, via using unvalidated CTA_PROTOINFO_SCTP_STATE values and accessing ct->master-&...

CVE-2026-31407 netfilter: conntrack: add missing netlink policy validations

In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: add missing netlink policy validations Hyunwoo Kim reports out-of-bounds access in sctp and ctnetlink. These attributes are used by the kernel without any validation. Extend the netlink policies accordingly...

PT-2026-30575

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in its netfilter component related to conntrack and missing netlink policy validations. Specifically, the nlattr to sctp function improperly handles...

Information Disclosure

Google Chrome is vulnerable to information disclosure. A remote attacker could bypass navigation restrictions via a crafted HTML page due to insufficient policy validations...