SB20260626214 - Use of Uninitialized Variable in Linux kernel netfilter
Published: June 26, 2026
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 vulnerability.
1) Use of Uninitialized Variable (CVE-ID: CVE-2026-53134)
CWE-ID: CWE-457 - Use of Uninitialized Variable
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local user to disclose sensitive information.
The vulnerability exists due to uninitialized memory exposure in the nft_fib IPv4/IPv6 evaluation logic when processing nftables fib expressions that use the OIFNAME result or an invalid NFTA_FIB_F_PRESENT combination. A local user can configure and trigger a crafted fib expression to disclose sensitive information.
The issue occurs because only part of the declared destination register span is written on certain evaluation paths, leaving stale kernel stack data available to a downstream expression that reads the full register span.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/3544210609f6d1db282bbdeca639104ef624c393
- https://git.kernel.org/stable/c/6744e49fe51bfba26522acc2d0e9703cb41d8e50
- https://git.kernel.org/stable/c/84d8f58cf28a0415413f43ba7148f7bacd4c1b6e
- https://git.kernel.org/stable/c/8c84885e9790823828bb8084736ea15769b1ac16
- https://git.kernel.org/stable/c/ab185e0c4fb82dfba6fb86f8271e06f931d9c64c
- https://git.kernel.org/stable/c/d19ddef8c327a4773ff81f8e51027d1e0b4cf069
- https://git.kernel.org/stable/c/eb8a8124484dbc3c2b543e207da39bbccb703d31
- https://git.kernel.org/stable/c/eca18feed38b3377a2ec5d1f22af1170c55d0171