5.5
CVE-2026-52921
- EPSS 0.11%
- Veröffentlicht 24.06.2026 07:14:16
- Zuletzt bearbeitet 08.07.2026 17:52:39
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
netfilter: ipset: stop hash:* range iteration at end
In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: stop hash:* range iteration at end The following hash set variants: hash:ip,mark hash:ip,port hash:ip,port,ip hash:ip,port,net iterate IPv4 ranges with a 32-bit iterator. The iterator must stop once the last address in the requested range has been processed. Advancing it once more can move the traversal state past the end of the request, so a later retry may continue from an unintended position. Handle the iterator increment explicitly at the end of the loop and stop once the upper bound has been processed. This keeps the existing retry behaviour intact for valid ranges while preventing traversal from continuing past the original boundary.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 4.14.1 < 5.10.258
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.209
Linux ≫ Linux Kernel Version >= 5.16 < 6.1.175
Linux ≫ Linux Kernel Version >= 6.2 < 6.6.142
Linux ≫ Linux Kernel Version >= 6.7 < 6.12.92
Linux ≫ Linux Kernel Version >= 6.13 < 6.18.34
Linux ≫ Linux Kernel Version >= 6.19 < 7.0.11
Linux ≫ Linux Kernel Version4.14 Update-
Linux ≫ Linux Kernel Version4.14 Updaterc5
Linux ≫ Linux Kernel Version4.14 Updaterc6
Linux ≫ Linux Kernel Version4.14 Updaterc7
Linux ≫ Linux Kernel Version4.14 Updaterc8
Linux ≫ Linux Kernel Version7.1 Updaterc1
Linux ≫ Linux Kernel Version7.1 Updaterc2
Linux ≫ Linux Kernel Version7.1 Updaterc3
Linux ≫ Linux Kernel Version7.1 Updaterc4
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.11% | 0.018 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')
The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.
https://git.kernel.org/stable/c/be75218fadea22e59c8673db212f29c681bf45bb
https://git.kernel.org/stable/c/383418c20e69f5761b6ec5238f599423f4fb77fb
https://git.kernel.org/stable/c/0d7b33ace701fe397e6e4de145f32e098178d901
https://git.kernel.org/stable/c/c281e018af98df91827d65bec00f4956c00a1b02
https://git.kernel.org/stable/c/02f75f041a93ea045834da89cd3234f4c1d749b4
https://git.kernel.org/stable/c/952e988163c2ab9939c3db9f0f8e77af6a1bb436
https://git.kernel.org/stable/c/0b530efb2cc9dbdddfd49d392e3a857f0d4ce8dc
https://git.kernel.org/stable/c/0d3a282ab5f165fc207ff49ea5b6ad8f54616bd6