CVE-2026-25702

HIGH 7.3

nftables disabled due to incorrect kernel backport

CVSS Score

7.3

EPSS Score

0.0%

EPSS Percentile

0th

A Improper Access Control vulnerability in the kernel of SUSE SUSE Linux Enterprise Server 12 SP5 breaks nftables, causing firewall rules applied via nftables to not be effective.This issue affects SUSE Linux Enterprise Server: from 9e6d9d4601768c75fdb0bad3fbbe636e748939c2 before 9c294edb7085fb91650bc12233495a8974c5ff2d.

CWE	CWE-284
Vendor	suse
Product	suse linux enterprise server
Published	Mar 5, 2026
Last Updated	Mar 5, 2026

Stay Ahead of the Next One

Get instant alerts for suse suse linux enterprise server

Be the first to know when new high vulnerabilities affecting suse suse linux enterprise server are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

Low

Availability

Low

Affected Versions

SUSE / SUSE Linux Enterprise Server

9e6d9d4601768c75fdb0bad3fbbe636e748939c2 < 9c294edb7085fb91650bc12233495a8974c5ff2d

References

NVD ↗ CVE.org ↗ EPSS Data ↗

bugzilla.suse.com: https://bugzilla.suse.com/show_bug.cgi?id=CVE-2026-25702