CVE-2026-23333

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a flaw in the netfilter module related to the validation of open intervals within nft set rbtree. Specifically, the issue arises from the lack of a defined end element for open intervals, making overlap validation challenging. The vulnerability can occur when adding or deleting intervals, potentially leading to incorrect behavior. The patch introduces a flag within the nft set elem structure to identify the last element in an add/delete command, enabling more accurate overlap checks. The issue can manifest when adding intervals that overlap with existing start elements, or when deleting open intervals and subsequently adding new elements.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.