HIGHCVE-2026-43028Published Modified CNA Linux
CVE-2026-43028: netfilter: x_tables: ensure names are nul-terminated
In the Linux kernel, the following vulnerability has been resolved: netfilter: x_tables: ensure names are nul-terminated Reject names that lack a \0 character before feeding them to functions that expect c-strings. Fixes tag is the most recent commit that needs this change.
Metrics
- CVSS v3.1
- 7.1
- Severity
- HIGH
- Fixed in
- 0
- Affected Products
- 2
Fix available
05.10.2535.15.2036.1.1686.6.1346.12.816.18.226.19.12673bbd36cba21d10a10f0932f479df7468e26fbb7.073124608172890306b85f2206d8b3cac20e324f1a958a4f90ddd7de0800b33ca9d7b886b7d40f74eaa6cd4a8863391e0a64f62d8922cb0af732a2cf2bcac50ea0a29d430eedc5ac87b215393b567baa9c2d4a3abb15ca14716c6d8b9ffcbcd7c63626af4ea01c1b219f5a11c66918abaa6f052e5a74041d6f419bdc205894750f4d3ec042bc87a1b9cde1351
Affected packages
- Linux / Linux< bcac50ea0a29d430eedc5ac87b215393b567baa9 (from c38c4597e4bf3e99860eac98211748e1ecb0e139) · < ea01c1b219f5a11c66918abaa6f052e5a74041d6 (from c38c4597e4bf3e99860eac98211748e1ecb0e139) · < aa6cd4a8863391e0a64f62d8922cb0af732a2cf2 (from c38c4597e4bf3e99860eac98211748e1ecb0e139) · < c2d4a3abb15ca14716c6d8b9ffcbcd7c63626af4 (from c38c4597e4bf3e99860eac98211748e1ecb0e139) · < 673bbd36cba21d10a10f0932f479df7468e26fbb (from c38c4597e4bf3e99860eac98211748e1ecb0e139) · < f419bdc205894750f4d3ec042bc87a1b9cde1351 (from c38c4597e4bf3e99860eac98211748e1ecb0e139)
- Linux / Linux4.5Fixed in 0, 5.10.253, 5.15.203, 6.1.168, 6.6.134, 6.12.81, 6.18.22, 6.19.12, 7.0
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H