Description

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conncount: update last_gc only when GC has been performed Currently last_gc is being updated everytime a new connection is tracked, that means that it is updated even if a GC wasn't performed. With a sufficiently high packet rate, it is possible to always bypass the GC, causing the list to grow infinitely. Update the last_gc value only when a GC has been actually performed.

INFO

Published Date :

2026-02-14T15:22:24.059Z

Last Modified :

2026-04-03T13:32:04.006Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2026-23139 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-23139.

URL Resource
https://git.kernel.org/stable/c/26a82dce2beee39c43c109d9647e16f49cb02a35 cve-icon cve-icon
https://git.kernel.org/stable/c/2c7c71113ed6d3e2f3aca4c088f22283016ff34f cve-icon cve-icon
https://git.kernel.org/stable/c/3cd717359e56f82f06cbf8279b47a7d79880c6f3 cve-icon cve-icon
https://git.kernel.org/stable/c/7811ba452402d58628e68faedf38745b3d485e3c cve-icon cve-icon
https://git.kernel.org/stable/c/8bdafdf4900040a81422056cabe5e00a37bd101a cve-icon cve-icon
https://git.kernel.org/stable/c/9f45588993d7f115280fc726119ca86fba32a811 cve-icon cve-icon
https://git.kernel.org/stable/c/c4cde57c8affdcca5bcff53a1047e15d268bdca1 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2026021429-CVE-2026-23139-a7b4@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2026-23139 cve-icon
https://www.cve.org/CVERecord?id=CVE-2026-23139 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact