7.8

CVE-2026-23391

netfilter: xt_CT: drop pending enqueued packets on template removal

In the Linux kernel, the following vulnerability has been resolved:

netfilter: xt_CT: drop pending enqueued packets on template removal

Templates refer to objects that can go away while packets are sitting in
nfqueue refer to:

- helper, this can be an issue on module removal.
- timeout policy, nfnetlink_cttimeout might remove it.

The use of templates with zone and event cache filter are safe, since
this just copies values.

Flush these enqueued packets in case the template rule gets removed.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 3.4.1 < 5.10.253
LinuxLinux Kernel Version >= 5.11 < 5.15.203
LinuxLinux Kernel Version >= 5.16 < 6.1.167
LinuxLinux Kernel Version >= 6.2 < 6.6.130
LinuxLinux Kernel Version >= 6.7 < 6.12.78
LinuxLinux Kernel Version >= 6.13 < 6.18.20
LinuxLinux Kernel Version >= 6.19 < 6.19.10
LinuxLinux Kernel Version3.4 Update-
LinuxLinux Kernel Version7.0 Updaterc1
LinuxLinux Kernel Version7.0 Updaterc2
LinuxLinux Kernel Version7.0 Updaterc3
LinuxLinux Kernel Version7.0 Updaterc4
LinuxLinux Kernel Version7.0 Updaterc5
LinuxLinux Kernel Version7.0 Updaterc6
LinuxLinux Kernel Version7.0 Updaterc7
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.12% 0.024
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
416baaa9-dc9f-4396-8d5f-8c081fb06d67 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/d2d0bae0c9a2a17b6990a2966f5cdce0813d6256
Patch
https://git.kernel.org/stable/c/63b8097cea1923fe82cd598068d0796da8c015ec
Patch
https://git.kernel.org/stable/c/19a230dec6bb8928e3f96387f9085cf2c79bcef9
Patch
https://git.kernel.org/stable/c/cb549925875fa06dd155e49db4ac2c5044c30f9c
Patch
https://git.kernel.org/stable/c/777d02efe3d630cca4c1b63962cec17c57711325
Patch
https://git.kernel.org/stable/c/f62a218a946b19bb59abdd5361da85fa4606b96b
Patch
https://git.kernel.org/stable/c/55445134d42b84cb0a272e42c98d233ca65eca83
Patch
https://git.kernel.org/stable/c/cc57506dd66555899560b9c0f24e813f034e12ec
Patch