Back to CVE List

CVE-2026-23139

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nf_conncount: update last_gc only when GC has been performed

Currently last_gc is being updated everytime a new connection is
tracked, that means that it is updated even if a GC wasn't performed.
With a sufficiently high packet rate, it is possible to always bypass
the GC, causing the list to grow infinitely.

Update the last_gc value only when a GC has been actually performed.

Vulnerability Details

Published Date
Last Modified
Source
NVD
Vendor
Linux
Product
Linux

External References

Discussion (0)

Add Comment

No comments yet. Be the first!