CVE-2026-23278
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: always walk all pending catchall elements During transaction processing we might have more than one catchall element: 1 live catchall element and 1 pending element that is coming as part of the new batch. If the map holding the catchall elements is also going away, its required to toggle all catchall elements and not just the first viable candidate. Otherwise, we get: WARNING: ./include/net/netfilter/nf_tables.h:1281 at nft_data_release+0xb7/0xe0 [nf_tables], CPU#2: nft/1404 RIP: 0010:nft_data_release+0xb7/0xe0 [nf_tables] [..] __nft_set_elem_destroy+0x106/0x380 [nf_tables] nf_tables_abort_release+0x348/0x8d0 [nf_tables] nf_tables_abort+0xcf2/0x3ac0 [nf_tables] nfnetlink_rcv_batch+0x9c9/0x20e0 [..]
EPSS 0.02% · 4.8th percentile
Risk Scores
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux | *, 6.4, 0 |
| linux | linux_kernel | 6.4, 6.4, 6.4 |
Timeline
- Mar 20, 2026 EPSS Score
- Mar 20, 2026 CVE Published
- Mar 20, 2026 PoC Published
- Mar 21, 2026 EPSS Score
- Mar 22, 2026 EPSS Score
- Mar 22, 2026 Coalition ESS Score
- Mar 23, 2026 EPSS Score
- Mar 24, 2026 EPSS Score
- Mar 25, 2026 EPSS Score
- Mar 29, 2026 Security Advisory
- May 18, 2026 EPSS Score
- May 19, 2026 EPSS Score
References
- https://git.kernel.org/stable/c/eb0948fa13298212c5f8b30ee48efdae4389ab09 url
- https://git.kernel.org/stable/c/de47a88c6b807910f05703fb6605f7efdaa11417 url
- https://git.kernel.org/stable/c/77c26b5056d693ffe5e9f040e946251cdb55ae55 url
- https://git.kernel.org/stable/c/7cb9a23d7ae40a702577d3d8bacb7026f04ac2a9 url
- https://nvd.nist.gov/vuln/detail/CVE-2026-23278 advisory
- https://www.suse.com/support/update/announcement/2026/suse-su-20261532-1 advisory
- https://www.suse.com/support/update/announcement/2026/suse-su-202621230-1 advisory
- https://www.suse.com/support/update/announcement/2026/suse-su-20261463-1 advisory
- https://www.suse.com/support/update/announcement/2026/suse-su-20261574-1 advisory
- https://www.suse.com/support/update/announcement/2026/suse-su-20261527-1 advisory
- https://www.suse.com/support/update/announcement/2026/suse-su-202621114-1 advisory
- https://www.suse.com/support/update/announcement/2026/suse-su-20261531-1 advisory
- https://www.suse.com/support/update/announcement/2026/suse-su-20261583-1 advisory
- https://www.suse.com/support/update/announcement/2026/suse-su-20261505-1 advisory
- https://www.suse.com/support/update/announcement/2026/suse-su-202621221-1 advisory
- https://www.suse.com/support/update/announcement/2026/suse-su-202621120-1 advisory
- https://www.suse.com/support/update/announcement/2026/suse-su-202621123-1 advisory
- https://www.suse.com/support/update/announcement/2026/suse-su-20261573-1 advisory
- https://www.suse.com/support/update/announcement/2026/suse-su-20261578-1 advisory
- https://www.suse.com/support/update/announcement/2026/suse-su-202621122-1 advisory
…and 92 more