2 matches found
CVE-2025-37997
CVE-2025-37997 corresponds to a race in Linux kernel/ipset region locking for hash types. The issue arises from incorrect region lock handling in region macros (ahash_bucket_start/end/ahash_region), enabling a race between the garbage collector and adding elements when timeouts are used. Connecte...
CVE-2026-31418
CVE-2026-31418 is a Linux kernel vulnerability in netfilter/ipset mtype_del where drop of empty buckets is not performed correctly, leaving buckets with only deleted entries when n->pos points past them. The fix changes how a bucket is treated as empty: release the bucket directly when all pos...