CVE-2026-46324 PUBLISHED

netfilter: nf_tables: use list_del_rcu for netlink hooks

Assigner: Linux
Reserved: 13.05.2026 Published: 09.06.2026 Updated: 09.06.2026

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nf_tables: use list_del_rcu for netlink hooks

nft_netdev_unregister_hooks and __nft_unregister_flowtable_net_hooks need to use list_del_rcu(), this list can be walked by concurrent dumpers.

Add a new helper and use it consistently.

Product Status

Vendor Linux
Product Linux
Versions Default: unaffected
  • affected from f9a43007d3f7ba76d5e7f9421094f00f2ef202f8 to 0bd93ce4f3c35e845532184331d7917d7e562c80 (excl.)
  • affected from f9a43007d3f7ba76d5e7f9421094f00f2ef202f8 to 0f33e8ad6ac563ae2233dd7f75884e0ee010521d (excl.)
  • affected from f9a43007d3f7ba76d5e7f9421094f00f2ef202f8 to f3224ee463f8f6f6ced7dcdf6081add4f8128527 (excl.)
  • Version c73955a09408e7374d9abfd0e78ce3de9cda0635 is affected
  • Version b09e6ccf0d12f9356e8e3508d3e3dce126298538 is affected
  • Version 3fac8ce48fa9fd61ee9056d3ed48b2edefca8b82 is affected
  • Version 9c413a8c8bb49cc16796371805ecb260e885bb2b is affected
  • Version a3940dcf552f2393d1e8f263b386593f98abe829 is affected
  • Version 86c0154f4c3a56c5db8b9dd09e3ce885382c2c19 is affected
  • affected from 4.19.316 to 4.20 (excl.)
  • affected from 5.4.262 to 5.5 (excl.)
  • affected from 5.10.198 to 5.11 (excl.)
  • affected from 5.15.45 to 5.16 (excl.)
  • affected from 5.17.13 to 5.18 (excl.)
  • affected from 5.18.2 to 5.19 (excl.)
Vendor Linux
Product Linux
Versions Default: affected
  • Version 5.19 is affected
  • unaffected from 0 to 5.19 (excl.)
  • unaffected from 6.18.33 to 6.18.* (incl.)
  • unaffected from 7.0.10 to 7.0.* (incl.)
  • unaffected from 7.1-rc2 to * (incl.)

References