CVE-2026-31416

CVE-2026-31416 (Linux kernel) : Affected component is netfilter nfnetlink_log. The issue is caused by not accounting for the netlink header size when processing NL messages, which can lead to a WARN splat and potential drop of the affected netlink message, with no other ill effects reported in th...

CVE-2026-23385

A flaw was found in the Linux kernel's netfilter nftables component. A local or privileged user could trigger a failing memory allocation during a set flush operation. This vulnerability, related to how nftables handles set cloning, can lead to a kernel warning WARN splat, potentially causing...

UBUNTU-CVE-2026-23385

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: clone set on flush only Syzbot with fault injection triggered a failing memory allocation with GFPKERNEL which results in a WARN splat: iter.err WARNING: net/netfilter/nftablesapi.c:845 at...

CVE-2024-26835

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: set dormant flag on hook register failure We need to set the dormant flag again if we fail to register the hooks. During memory pressure hook registration can fail and we end up with a table marked as active...

CVE-2024-26835

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: set dormant flag on hook register failure We need to set the dormant flag again if we fail to register the hooks. During memory pressure hook registration can fail and we end up with a table marked as active...

CVE-2024-26835 netfilter: nf_tables: set dormant flag on hook register failure

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: set dormant flag on hook register failure We need to set the dormant flag again if we fail to register the hooks. During memory pressure hook registration can fail and we end up with a table marked as active...