SB20260626115 - Use of uninitialized resource in Linux kernel netfilter
Published: June 26, 2026
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 vulnerability.
1) Use of uninitialized resource (CVE-ID: CVE-2026-53218)
CWE-ID: CWE-908 - Use of Uninitialized Resource
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local user to disclose sensitive information.
The vulnerability exists due to an uninitialized memory exposure in nft_exthdr_init and the nft_exthdr evaluation paths when processing a userspace request with the NFT_EXTHDR_F_PRESENT flag set and an invalid length value. A local user can supply a crafted netfilter expression that causes uninitialized stack data from nft_regs to be retained in registers and disclose sensitive information.
The issue occurs because the initialized register bitmap can mark more bytes as written than the evaluation paths actually store when the presence flag is used.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/19748967d59c31d24d21d40b728570788310b237
- https://git.kernel.org/stable/c/46fc15a044e9938e7ea77786fb37edd2cd74f031
- https://git.kernel.org/stable/c/67b27434c43b68a97becda98c9f0c8cf6cba2134
- https://git.kernel.org/stable/c/772cecf198da732faebb5dcfc46d66a505be8495
- https://git.kernel.org/stable/c/78069a6d8bc86c9e036eb82c2af4a19cc1871a53
- https://git.kernel.org/stable/c/8738b1b6d0e639ca1fc0f61516afd3557ac4ecc6
- https://git.kernel.org/stable/c/cd513e43b4b2bd1de39e2367bc4261c699a8652f
- https://git.kernel.org/stable/c/f08fb3d42fd3aad0b7a263da3ac3ebaf0845e265