{"@context":"https://openvex.dev/ns/v0.2.0","@id":"https://database.harborguard.co/cve/CVE-2026-53002/vex.json","author":"HarborGuard Database","role":"Document Creator","timestamp":"2026-06-28T06:37:52.650Z","version":1,"tooling":"HarborGuard Database (https://database.harborguard.co)","statements":[{"vulnerability":{"name":"CVE-2026-53002","@id":"https://www.cve.org/CVERecord?id=CVE-2026-53002","description":"In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: conntrack: remove sprintf usage\n\nReplace it with scnprintf, the buffer sizes are expected to be large enough\nto hold the result, no need for snprintf+overflow check.\n\nIncrease buffer size in mangle_content_len() while at it.\n\nBUG: KASAN: stack-out-of-bounds in vsnprintf+0xea5/0x1270\nWrite of size 1 at addr [..]\n vsnprintf+0xea5/0x1270\n sprintf+0xb1/0xe0\n mangle_content_len+0x1ac/0x280\n nf_nat_sdp_session+0x1cc/0x240\n"},"products":[{"@id":"cpe:2.3:a:linux:linux:*:*:*:*:*:*:*:*","identifiers":{"cpe23":"cpe:2.3:a:linux:linux:*:*:*:*:*:*:*:*"}},{"@id":"cpe:2.3:a:linux:linux:2.6.20:*:*:*:*:*:*:*","identifiers":{"cpe23":"cpe:2.3:a:linux:linux:2.6.20:*:*:*:*:*:*:*"}}],"status":"affected","action_statement":"Update to a fixed version: 0, 1c9fb8aeed06790d42cdcd00f6c3ce0b9e926c1e, 2f793ba78470a99f40389b7dc60a81d9f5ad3956, 5.10.258, 5.15.209, 6.1.175, 6.6.141, 6.12.91, 6.18.33, 6bbf829b4c1b44c941c47dd0d710f1393258f3d5, 6e7066bdb481a87fe88c4fa563e348c03b2d373d, 7.0.10, 7.1, 8e3be0d12615a173fe260cd42753ca7a001acbf2, a8e0a32a23d3f34862af3b4da792ecb3a891a9a3, ab64e61c9323fa6de21bd20da1ddb29a0fb65d34, c08ff52e44945e6ef4ce0790f49ea761b060c45b.","timestamp":"2026-06-28T06:37:52.650Z"}]}