NULL pointer dereference in Linux kernel - #VU135569
Published: June 26, 2026
Linux kernel
Detailed vulnerability description
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to a NULL pointer dereference in ebt_dnat_tg() in net/bridge/netfilter/ebt_dnat.c when processing NF_BR_PRE_ROUTING on a device whose bridge port has been removed. A local user can remove the bridge port before the code accesses the bridge device pointer to cause a denial of service.