CVE-2026-53211

UNKNOWN 0.0

netfilter: nft_meta_bridge: fix stale stack leak via IIFHWADDR register

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_meta_bridge: fix stale stack leak via IIFHWADDR register NFT_META_BRI_IIFHWADDR declares its destination register with len = ETH_ALEN (6 bytes), which the register-init tracking rounds up to two 32-bit registers (8 bytes). nft_meta_bridge_get_eval() then does memcpy(dest, br_dev->dev_addr, ETH_ALEN), writing only 6 bytes and leaving the upper 2 bytes of the second register as uninitialised nft_do_chain() stack. A downstream load of that register span leaks those stale bytes to userspace. Zero the second register before the memcpy so the full declared span is written.

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Jun 25, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

cbd2257dc96e3e46217540fcb095a757ffa20d96 < 07acb9798477535933bd658ac9fa85b6cb10d995 cbd2257dc96e3e46217540fcb095a757ffa20d96 < f1e81d571e375d10e50e852223593493d98c1bac cbd2257dc96e3e46217540fcb095a757ffa20d96 < c7d573551f9286100a055ef696cde6af54549677

Linux / Linux

6.18

References

NVD ↗ CVE.org ↗ EPSS Data ↗

git.kernel.org: https://git.kernel.org/stable/c/07acb9798477535933bd658ac9fa85b6cb10d995 git.kernel.org: https://git.kernel.org/stable/c/f1e81d571e375d10e50e852223593493d98c1bac git.kernel.org: https://git.kernel.org/stable/c/c7d573551f9286100a055ef696cde6af54549677