9.8
/ 10
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Description
In the Linux kernel, the following vulnerability has been resolved:
netfilter: conntrack: remove sprintf usage
Replace it with scnprintf, the buffer sizes are expected to be large enough
to hold the result, no need for snprintf+overflow check.
Increase buffer size in mangle_content_len() while at it.
BUG: KASAN: stack-out-of-bounds in vsnprintf+0xea5/0x1270
Write of size 1 at addr [..]
vsnprintf+0xea5/0x1270
sprintf+0xb1/0xe0
mangle_content_len+0x1ac/0x280
nf_nat_sdp_session+0x1cc/0x240
process_sdp+0x8f8/0xb80
process_invite_request+0x108/0x2b0
process_sip_msg+0x5da/0xf50
sip_help_tcp+0x45e/0x780
nf_confirm+0x34d/0x990
[..]
netfilter: conntrack: remove sprintf usage
Replace it with scnprintf, the buffer sizes are expected to be large enough
to hold the result, no need for snprintf+overflow check.
Increase buffer size in mangle_content_len() while at it.
BUG: KASAN: stack-out-of-bounds in vsnprintf+0xea5/0x1270
Write of size 1 at addr [..]
vsnprintf+0xea5/0x1270
sprintf+0xb1/0xe0
mangle_content_len+0x1ac/0x280
nf_nat_sdp_session+0x1cc/0x240
process_sdp+0x8f8/0xb80
process_invite_request+0x108/0x2b0
process_sip_msg+0x5da/0xf50
sip_help_tcp+0x45e/0x780
nf_confirm+0x34d/0x990
[..]
AI Analysis
Stack-based buffer overflow vulnerability in the Linux kernel's netfilter subsystem
Basic Information
ID
CVE-2026-53002
Source
Linux
Published
Jun 24, 2026 at 16:29
Modified
Jun 28, 2026 at 06:37
Affected Product
Vendor
Linux
Product
Linux
Version
9fafcd7b203229c3f3893a475741afc27e276306
Affected Versions
Linux Linux 9fafcd7b203229c3f3893a475741afc27e276306
Linux Linux 9fafcd7b203229c3f3893a475741afc27e276306
Linux Linux 9fafcd7b203229c3f3893a475741afc27e276306
Linux Linux 9fafcd7b203229c3f3893a475741afc27e276306
Linux Linux 9fafcd7b203229c3f3893a475741afc27e276306
Linux Linux 9fafcd7b203229c3f3893a475741afc27e276306
Linux Linux 9fafcd7b203229c3f3893a475741afc27e276306
Linux Linux 9fafcd7b203229c3f3893a475741afc27e276306
Linux Linux 2.6.20
Linux Linux 9fafcd7b203229c3f3893a475741afc27e276306
Linux Linux 9fafcd7b203229c3f3893a475741afc27e276306
Linux Linux 9fafcd7b203229c3f3893a475741afc27e276306
Linux Linux 9fafcd7b203229c3f3893a475741afc27e276306
Linux Linux 9fafcd7b203229c3f3893a475741afc27e276306
Linux Linux 9fafcd7b203229c3f3893a475741afc27e276306
Linux Linux 9fafcd7b203229c3f3893a475741afc27e276306
Linux Linux 2.6.20
AI Assessment
AI Score
9.8 / 10
AI Severity
Critical
Vendor
Linux
Product
Linux Kernel
Version
2.6.20, 9fafcd7b203229c3f3893a475741afc27e276306
References
- git.kernel.org /stable/c/2f793ba78470a99f40389b7dc60a81d9f5ad3956
- git.kernel.org /stable/c/6bbf829b4c1b44c941c47dd0d710f1393258f3d5
- git.kernel.org /stable/c/ab64e61c9323fa6de21bd20da1ddb29a0fb65d34
- git.kernel.org /stable/c/1c9fb8aeed06790d42cdcd00f6c3ce0b9e926c1e
- git.kernel.org /stable/c/a8e0a32a23d3f34862af3b4da792ecb3a891a9a3
- git.kernel.org /stable/c/8e3be0d12615a173fe260cd42753ca7a001acbf2
- git.kernel.org /stable/c/c08ff52e44945e6ef4ce0790f49ea761b060c45b
- git.kernel.org /stable/c/6e7066bdb481a87fe88c4fa563e348c03b2d373d