28 matches found
Astra Linux - уязвимость в linux
A issue was discovered in the Linux kernel before version 5.11.11. The netfilter subsystem allows attackers to cause a denial of service panic because net/netfilter/xtables.c and include/linux/netfilter/xtables.h lack a proper memory barrier when assigning a new table value, known as...
CVE-2026-43452 netfilter: x_tables: guard option walkers against 1-byte tail reads
In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: guard option walkers against 1-byte tail reads When the last byte of options is a non-single-byte option kind, walkers that advance with i += opi + 1 ? : 1 can read opi + 1 past the end of the option area. Add...
CVE-2026-43452
In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: guard option walkers against 1-byte tail reads When the last byte of options is a non-single-byte option kind, walkers that advance with i += opi + 1 ? : 1 can read opi + 1 past the end of the option area. Add...
CVE-2026-43452
In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: guard option walkers against 1-byte tail reads When the last byte of options is a non-single-byte option kind, walkers that advance with i += opi + 1 ? : 1 can read opi + 1 past the end of the option area. Add...
PT-2026-39113
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw in the netfilter x tables component allows for 1-byte tail reads. This occurs when the last byte of options is a non-single-byte option kind, causing walkers that advance using i ...
SUSE CVE-2026-43028
In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: ensure names are nul-terminated Reject names that lack a \0 character before feeding them to functions that expect c-strings. Fixes tag is the most recent commit that needs this change...
CVE-2026-43028
In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: ensure names are nul-terminated Reject names that lack a \0 character before feeding them to functions that expect c-strings. Fixes tag is the most recent commit that needs this change...
CVE-2026-43028 netfilter: x_tables: ensure names are nul-terminated
In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: ensure names are nul-terminated Reject names that lack a \0 character before feeding them to functions that expect c-strings. Fixes tag is the most recent commit that needs this change...
CVE-2026-43028
The CVE-2026-43028 vulnerability affects the Linux kernel netfilter x_tables component. The root cause is that certain names were not guaranteed to be nul-terminated before being passed to functions that expect C strings, which could lead to misprocessing, system instability, or hazardous behavio...
CVE-2026-43028
In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: ensure names are nul-terminated Reject names that lack a \0 character before feeding them to functions that expect c-strings. Fixes tag is the most recent commit that needs this change...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to ensure that names end with a null character in netfilter xtables, which could lead to undefined...
netfilter: x_tables: restrict xt_check_match/xt_check_target extensions for NFPROTO_ARP
...
UBUNTU-CVE-2026-31424
In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: restrict xtcheckmatch/xtchecktarget extensions for NFPROTOARP Weiming Shi says: xtmatch and xttarget structs registered with NFPROTOUNSPEC can be loaded by any protocol family through nftcompat. When such a...
CVE-2026-31424
In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: restrict xtcheckmatch/xtchecktarget extensions for NFPROTOARP Weiming Shi says: xtmatch and xttarget structs registered with NFPROTOUNSPEC can be loaded by any protocol family through nftcompat. When such a...
PT-2026-36445
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the netfilter x tables component where names are not properly null-terminated. This occurs when names lacking a 0 character are passed to functions expecting C-strings...
CVE-2023-53200
In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: fix percpu counter block leak on error path when creating new netns Here is the stack where we allocate percpu counter block: +- ip6tregistertable +- translatetable allocates percpu counter block +-...
UBUNTU-CVE-2023-53200
In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: fix percpu counter block leak on error path when creating new netns Here is the stack where we allocate percpu counter block: +- ip6tregistertable +- translatetable allocates percpu counter block +-...
CVE-2023-53200
CVE-2023-53200 (Linux kernel) : The vulnerability is in netfilter: x_tables where a percpu counter block allocated for a new netns is leaked if xt_register_table() fails during table creation. The stack path shows allocation via __alloc_percpu → xt_percpu_counter_alloc → translate_table, then fai...
Security update for the Linux Kernel (Live Patch 52 for SLE 15 SP3)
This update for the Linux Kernel 5.3.18-15030059188 fixes one issue. The following security issue was fixed: CVE-2024-56650: netfilter: xtables: fix LED ID check in ledtgcheck bsc1235431. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
netfilter: x_tables: fix LED ID check in led_tg_check()
...