CVE-2026-53218

UNKNOWN 0.0

netfilter: nft_exthdr: fix register tracking for F_PRESENT flag

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_exthdr: fix register tracking for F_PRESENT flag nft_exthdr_init() passes user-controlled priv->len to nft_parse_register_store(), which marks that many bytes in the register bitmap as initialized. However, when NFT_EXTHDR_F_PRESENT is set, the eval paths write only 1 byte (nft_reg_store8) or 4 bytes (*dest = 0 on TCP/DCCP error path). When len > 4, registers beyond the first are never written, retaining uninitialized stack data from nft_regs. Bail out if userspace requests too much data when F_PRESENT is set.

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Jun 25, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

c078ca3b0c5bf82c2b31906c446d6e2ad8ea0783 < 8738b1b6d0e639ca1fc0f61516afd3557ac4ecc6 c078ca3b0c5bf82c2b31906c446d6e2ad8ea0783 < 19748967d59c31d24d21d40b728570788310b237 c078ca3b0c5bf82c2b31906c446d6e2ad8ea0783 < 46fc15a044e9938e7ea77786fb37edd2cd74f031 c078ca3b0c5bf82c2b31906c446d6e2ad8ea0783 < cd513e43b4b2bd1de39e2367bc4261c699a8652f c078ca3b0c5bf82c2b31906c446d6e2ad8ea0783 < 67b27434c43b68a97becda98c9f0c8cf6cba2134 c078ca3b0c5bf82c2b31906c446d6e2ad8ea0783 < 78069a6d8bc86c9e036eb82c2af4a19cc1871a53 c078ca3b0c5bf82c2b31906c446d6e2ad8ea0783 < f08fb3d42fd3aad0b7a263da3ac3ebaf0845e265 c078ca3b0c5bf82c2b31906c446d6e2ad8ea0783 < 772cecf198da732faebb5dcfc46d66a505be8495

Linux / Linux

4.11

References

NVD ↗ CVE.org ↗ EPSS Data ↗