CVE-2026-23391

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel's netfilter module, specifically within the xt CT component. The issue involves the handling of connection tracking templates and enqueued packets. When a template is removed, pending enqueued packets associated with that template are not properly dropped, potentially leading to issues during module removal or when a timeout policy removes the template. The use of templates with zone and event cache filters is considered safe as they only copy values. The fix involves flushing these enqueued packets when the template rule is removed.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.