netfilter: nf_tables: release flowtable after rcu grace period on error

Description

A vulnerability marked as critical has been reported in Linux Kernel up to 7.0-rc4. Impacted is the function synchronize_rcu of the component nf_tables. The manipulation leads to use after free. This vulnerability is referenced as CVE-2026-23392. The attack needs to be initiated within the local network. No exploit is available. It is suggested to upgrade the affected component.

Affected Products

Vendor	Product	Versions
Linux	Linux	3b49e2e94e6ebb8b23d0955d9e898254455734f8, 3b49e2e94e6ebb8b23d0955d9e898254455734f8, 3b49e2e94e6ebb8b23d0955d9e898254455734f8, 3b49e2e94e6ebb8b23d0955d9e898254455734f8, 3b49e2e94e6ebb8b23d0955d9e898254455734f8, 3b49e2e94e6ebb8b23d0955d9e898254455734f8, 4.16, 7.0-rc4

References

Related News (2 articles)

Tier C

VulDB2h ago

CVE-2026-23392 | Linux Kernel up to 7.0-rc4 nf_tables synchronize_rcu use after free

→ No new info (linked only)

Tier C

Linux Kernel CVEs4h ago

CVE-2026-23392: netfilter: nf_tables: release flowtable after rcu grace period on error

→ No new info (linked only)

CISA KEV❌ No

Actively exploited✅ Yes

Published3/25/2026

Last enriched2h agov2

Trending Score50

Source articles2

Independent2

Info Completeness6/14

Missing: cvss, epss, cwe, kev, exploit, patch, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Version History

Last enriched 2h ago

v2Tier C2h ago

Updated description with critical severity, added affected version 7.0-rc4, and noted that no exploit is available.

descriptionaffectedVersionsseverityactivelyExploited

via VulDB

v14h ago

Initial creation