Volerion logoVolerion
Volerion logoVolerion

Linux Kernel Netfilter nf_tables Wild Memory Access Vulnerability

Vulnerability

A wild memory access vulnerability has been identified in the Linux kernel's netfilter component, specifically within the nf_tables subsystem. This issue arises from improper management of anonymous sets during the transaction process, leading to the deletion of set elements that can be accessed later, causing memory corruption. The vulnerability has been backported to the Linux kernel version 4.14.

Impact

Exploitation of this vulnerability leads to a wild memory access, which can cause memory corruption and potentially allow for arbitrary code execution.

Reproduction

The vulnerability can be reproduced by manipulating anonymous sets in the nf_tables subsystem. During a transaction, an anonymous set can be deleted and then accessed again, which triggers the wild memory access. This can be observed in the kernel's address space as a 'dead' memory access, indicating a use-after-free condition.

Remediation

Users can upgrade to the latest version of the Linux kernel to address this vulnerability.

Added: Oct 22, 2025, 3:01 PM
Updated: Oct 22, 2025, 3:01 PM

Vulnerability Rating

Custom Algorithm
spread
9.0
impact
2.5
exploitability
4.3
remediation
7.7
relevance
0.8
threat
4.8
urgency
2.9
incentive
1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.