PT-2026-26583 · Linux · Linux Kernel

Published: 2026-01-01 · Updated: 2026-05-26 · CVE-2026-23278

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

The Linux kernel contains an issue within the netfilter subsystem related to nf_tables. During transaction processing, multiple catchall elements may exist, including one active and one pending from a new batch. If the map containing these catchall elements is being removed, all catchall elements must be toggled, not just the first viable candidate. Failure to do so can lead to a warning related to nft_data_release and potential issues with element destruction and transaction handling. The issue involves the nft_data_release function and impacts the processing of catchall elements within nf_tables.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

RCE

Weakness Enumeration

Related Identifiers

BDU:2026-04311
CVE-2026-23278
ECHO-F760-EA53-3003
OESA-2026-1862
OESA-2026-1863
OESA-2026-1864
OPENSUSE-SU-2026:20572-1
SUSE-SU-2026:1573-1
SUSE-SU-2026:1643-1
SUSE-SU-2026:1661-1
SUSE-SU-2026:21114-1
SUSE-SU-2026:21123-1
SUSE-SU-2026:21237-1
SUSE-SU-2026:21255-1
SUSE-SU-2026:21352-1
SUSE-SU-2026:21361-1

Affected Products

Linux Kernel