CVE-2026-43084

*** Pendiente de traducción *** In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> netfilter: nfnetlink_queue: make hash table per queue<br /> <br /> Sharing a global hash table among all queues is tempting, but<br /> it can cause crash:<br /> <br /> BUG: KASAN: slab-use-after-free in nfqnl_recv_verdict+0x11ac/0x15e0 [nfnetlink_queue]<br /> [..]<br /> nfqnl_recv_verdict+0x11ac/0x15e0 [nfnetlink_queue]<br /> nfnetlink_rcv_msg+0x46a/0x930<br /> kmem_cache_alloc_node_noprof+0x11e/0x450<br /> <br /> struct nf_queue_entry is freed via kfree, but parallel cpu can still<br /> encounter such an nf_queue_entry when walking the list.<br /> <br /> Alternative fix is to free the nf_queue_entry via kfree_rcu() instead,<br /> but as we have to alloc/free for each skb this will cause more mem<br /> pressure.