8.2

CVE-2026-23456

EPSS 0.07%
Veröffentlicht 03.04.2026 15:15:37
Zuletzt bearbeitet 27.04.2026 14:16:34
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

netfilter: nf_conntrack_h323: fix OOB read in decode_int() CONS case

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nf_conntrack_h323: fix OOB read in decode_int() CONS case

In decode_int(), the CONS case calls get_bits(bs, 2) to read a length
value, then calls get_uint(bs, len) without checking that len bytes
remain in the buffer. The existing boundary check only validates the
2 bits for get_bits(), not the subsequent 1-4 bytes that get_uint()
reads. This allows a malformed H.323/RAS packet to cause a 1-4 byte
slab-out-of-bounds read.

Add a boundary check for len bytes after get_bits() and before
get_uint().

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 11

CNA 2 VulnDex Vulnerability Enrichment 13

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version 5e35941d990123f155b02d5663e51a24f816b6f3

Version < a2cd54b9348e485d338b3c132338a4410c99afaf

Status affected

Version 5e35941d990123f155b02d5663e51a24f816b6f3

Version < c95dc674ebf01ecfb40388b6facfc89b81fed3b7

Status affected

Version 5e35941d990123f155b02d5663e51a24f816b6f3

Version < 41b417ff73a24b2c68134992cc44c88db27f482d

Status affected

Version 5e35941d990123f155b02d5663e51a24f816b6f3

Version < 52235bf88159a1ef16434ab49e47e99c8a09ab20

Status affected

Version 5e35941d990123f155b02d5663e51a24f816b6f3

Version < 774a434f8c9c8602a976b2536f65d0172a07f4d2

Status affected

Version 5e35941d990123f155b02d5663e51a24f816b6f3

Version < 6bce72daeccca9aa1746e92d6c3d4784e71f2ebb

Status affected

Version 5e35941d990123f155b02d5663e51a24f816b6f3

Version < fb6c3596823ec5dd09c2123340330d7448f51a59

Status affected

Version 5e35941d990123f155b02d5663e51a24f816b6f3

Version < 1e3a3593162c96e8a8de48b1e14f60c3b57fca8a

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 2.6.17

Status affected

Version 0

Version < 2.6.17

Status unaffected

Version <= 5.10.*

Version 5.10.253

Status unaffected

Version <= 5.15.*

Version 5.15.203

Status unaffected

Version <= 6.1.*

Version 6.1.167

Status unaffected

Version <= 6.6.*

Version 6.6.130

Status unaffected

Version <= 6.12.*

Version 6.12.78

Status unaffected

Version <= 6.18.*

Version 6.18.20

Status unaffected

Version <= 6.19.*

Version 6.19.10

Status unaffected

Version <= *

Version 7.0

Status unaffected

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.07%	0.221

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
416baaa9-dc9f-4396-8d5f-8c081fb06d67	8.2	3.9	4.2	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/41b417ff73a24b2c68134992cc44c88db27f482d

https://git.kernel.org/stable/c/52235bf88159a1ef16434ab49e47e99c8a09ab20

https://git.kernel.org/stable/c/774a434f8c9c8602a976b2536f65d0172a07f4d2

https://git.kernel.org/stable/c/6bce72daeccca9aa1746e92d6c3d4784e71f2ebb

https://git.kernel.org/stable/c/fb6c3596823ec5dd09c2123340330d7448f51a59

https://git.kernel.org/stable/c/1e3a3593162c96e8a8de48b1e14f60c3b57fca8a

https://git.kernel.org/stable/c/a2cd54b9348e485d338b3c132338a4410c99afaf

https://git.kernel.org/stable/c/c95dc674ebf01ecfb40388b6facfc89b81fed3b7

https://nvd.nist.gov/vuln/detail/CVE-2026-23456

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-23456

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-23456

EUVD