CVE-2026-23231
Severity
7.8HIGH
EPSS
0.0%
top 96.69%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMar 4
Latest updateMar 10
Description
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_tables: fix use-after-free in nf_tables_addchain()
nf_tables_addchain() publishes the chain to table->chains via
list_add_tail_rcu() (in nft_chain_add()) before registering hooks.
If nf_tables_register_hook() then fails, the error path calls
nft_chain_del() (list_del_rcu()) followed by nf_tables_chain_destroy()
with no RCU grace period in between.
This creates two use-after-free conditions:
1) Control-plane: nf…
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9
Affected Packages3 packages
▶CVEListV5linux/linux91c7b38dc9f0de4f7f444b796d14476bc12df7bc — 2a6586ecfa4ce1413daaafee250d2590e05f1a33+6
Patches
🔴Vulnerability Details
3GHSA▶
GHSA-gxm6-px42-mpjc: In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_tables: fix use-after-free in nf_tables_addchain()
nf_tables_addch↗2026-03-04
OSV▶
CVE-2026-23231: In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix use-after-free in nf_tables_addchain() nf_tables_addchai↗2026-03-04
📋Vendor Advisories
3🕵️Threat Intelligence
1💬Community
1Bugzilla▶
CVE-2026-23231 kernel: kernel: Privilege escalation or denial of service via use-after-free in nf_tables_addchain()↗2026-03-04