5.5

CVE-2026-53269

netfilter: synproxy: add mutex to guard hook reference counting

In the Linux kernel, the following vulnerability has been resolved:

netfilter: synproxy: add mutex to guard hook reference counting

As the synproxy infrastructure register netfilter hooks on-demand when a
user adds the first iptables target or nftables expression, if done
concurrently they can race each other.

Introduce a mutex to serialize the refcount control blocks access from
both frontends. While a per namespace mutex might be more efficient, it
is not needed for target/expression like SYNPROXY.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.3 < 5.10.259
LinuxLinux Kernel Version >= 5.11 < 5.15.210
LinuxLinux Kernel Version >= 5.16 < 6.1.176
LinuxLinux Kernel Version >= 6.2 < 6.6.143
LinuxLinux Kernel Version >= 6.7 < 6.12.94
LinuxLinux Kernel Version >= 6.13 < 6.18.36
LinuxLinux Kernel Version >= 6.19 < 7.0.13
LinuxLinux Kernel Version7.1 Updaterc1
LinuxLinux Kernel Version7.1 Updaterc2
LinuxLinux Kernel Version7.1 Updaterc3
LinuxLinux Kernel Version7.1 Updaterc4
LinuxLinux Kernel Version7.1 Updaterc5
LinuxLinux Kernel Version7.1 Updaterc6
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.12% 0.021
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/0ec9ddc1bda261a2c57636c74c8b4e53000102c9
Patch
https://git.kernel.org/stable/c/56ffbe3a08c01dcdb0d6adee9ce1e535bfb3b389
Patch
https://git.kernel.org/stable/c/debc57b83d5b323df74bf010c8d50fe26ad2ed6b
Patch
https://git.kernel.org/stable/c/0f8ba5e4c53d2e4a536aa68140beda9fe59b2f88
Patch
https://git.kernel.org/stable/c/640441348258220e78daed40528b85b8afcedab6
Patch
https://git.kernel.org/stable/c/aaf80701dc2f7a48fe543961e21f8ca3924d587c
Patch
https://git.kernel.org/stable/c/fbf0591275f50eae5733c3d7a8cd6c1e79933ffa
Patch
https://git.kernel.org/stable/c/2fcba19caaeb2a33017459d3430f057967bb91b6
Patch