CVE-2026-53219

In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: avoid leaking percpu counter pointers The native and compat get-entries paths copy the fixed rule entry header from the kernelized rule blob to userspace before overwriting the entry's counter fields with a...

CVE-2026-53219

CVE-2026-53219 affects the Linux kernel netfilter x_tables; the native and compat get-entries paths could leak a percpu counter pointer from the rule blob to userspace when the fixed-header is copied before counters are sanitized. On SMP systems, entry->counters.pcnt held the percpu allocation...

Astra Linux – Vulnerability in Linux

A heap out-of-bounds write that affects Linux since v2.6.19-rc1 was discovered in net/netfilter/xtables.c. This vulnerability allows an attacker to gain privileges or cause a Denial-of-Service attack through heap memory corruption by manipulating the user name space...

SUSE CVE-2026-43452

In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: guard option walkers against 1-byte tail reads When the last byte of options is a non-single-byte option kind, walkers that advance with i += opi + 1 ? : 1 can read opi + 1 past the end of the option area. Add...

EUVD-2026-28758

In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: guard option walkers against 1-byte tail reads When the last byte of options is a non-single-byte option kind, walkers that advance with i += opi + 1 ? : 1 can read opi + 1 past the end of the option area. Add...

CVE-2026-43452

In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: guard option walkers against 1-byte tail reads When the last byte of options is a non-single-byte option kind, walkers that advance with i += opi + 1 ? : 1 can read opi + 1 past the end of the option area. Add...

Linux Distros Unpatched Vulnerability : CVE-2026-43452

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: xtables: guard option walkers against 1-byte tail reads When the last byte of options is a non-single-byte option kind, walkers that advance with i +...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an out-of-bounds read issue during option traversal in netfilter xtables, potentially leading to...

Linux Distros Unpatched Vulnerability : CVE-2026-43028

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: xtables: ensure names are nul-terminated Reject names that lack a \0 character before feeding them to functions that expect c-strings. Fixes tag is t...

CVE-2026-43028

In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: ensure names are nul-terminated Reject names that lack a \0 character before feeding them to functions that expect c-strings. Fixes tag is the most recent commit that needs this change...

EUVD-2026-26627

In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: ensure names are nul-terminated Reject names that lack a \0 character before feeding them to functions that expect c-strings. Fixes tag is the most recent commit that needs this change...

CVE-2026-31424

In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: restrict xtcheckmatch/xtchecktarget extensions for NFPROTOARP Weiming Shi says: xtmatch and xttarget structs registered with NFPROTOUNSPEC can be loaded by any protocol family through nftcompat. When such a...

MiracleLinux 7 : kernel-3.10.0-1160.41.1.el7 (AXSA:2021-2410:19)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2410:19 advisory. kernel: out-of-bounds write in xtcompattargetfromuser in net/netfilter/xtables.c CVE-2021-22555 kernel: race condition for removal of the HCI...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001106)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001106 advisory. Integer overflow in the xtalloctableinfo function in net/netfilter/xtables.c in the Linux kernel through 4.5.2 on 32-bit platforms allows local users to gain...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003315)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003315 advisory. Integer overflow in the xtalloctableinfo function in net/netfilter/xtables.c in the Linux kernel through 4.5.2 on 32-bit platforms allows local users to gain...

Siemens SIMATIC S7-1500 Out-of-bounds Read (CVE-2024-56650)

In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: fix LED ID check in ledtgcheck Syzbot has reported the following BUG detected by KASAN This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

Linux Distros Unpatched Vulnerability : CVE-2023-53200

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: xtables: fix percpu counter block leak on error path when creating new netns Here is the stack where we allocate percpu counter block: +-...

Security update for the Linux Kernel (Live Patch 34 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024144 fixes several issues. The following security issues were fixed: CVE-2024-8805: Bluetooth: hcievent: Align BR/EDR JUSTWORKS paring with LE bsc1240840. CVE-2024-56650: netfilter: xtables: fix LED ID check in ledtgcheck bsc1235431. Patch...

CVE-2024-56650

In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: fix LED ID check in ledtgcheck Syzbot has reported the following BUG detected by KASAN: BUG: KASAN: slab-out-of-bounds in strlen+0x58/0x70 Read of size 1 at addr ffff8881022da0c8 by task repro/5879 ... Call...

CVE-2024-56650 netfilter: x_tables: fix LED ID check in led_tg_check()

In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: fix LED ID check in ledtgcheck Syzbot has reported the following BUG detected by KASAN: BUG: KASAN: slab-out-of-bounds in strlen+0x58/0x70 Read of size 1 at addr ffff8881022da0c8 by task repro/5879 ... Call...