CVE-2025-40206
netfilter: nft_objref: validate objref and objrefmap expressions
References
Notes
carnil> Introduced in ee394f96ad75 ("netfilter: nft_synproxy: add synproxy stateful
carnil> object support"). Vulnerable versions: 5.4.
Bugs
Status
| Branch |
Status |
| upstream |
released (6.18-rc1) [f359b809d54c6e3dd1d039b97e0b68390b0e53e4]
|
| 6.18-upstream-stable |
N/A "Fixed before branching point"
|
| 6.17-upstream-stable |
released (6.17.4) [4c1cf72ec10be5a9ad264650cadffa1fbce6fabd]
|
| 6.12-upstream-stable |
released (6.12.54) [7ea55a44493a5a36c3b3293b88bbe4841f9dbaf0]
|
| 6.6-upstream-stable |
released (6.6.113) [0028e0134c64d9ed21728341a74fcfc59cd0f944]
|
| 6.1-upstream-stable |
needed
|
| 5.10-upstream-stable |
needed
|
| sid |
released (6.17.6-1)
|
| 6.12-trixie-security |
released (6.12.57-1)
|
| 6.1-bookworm-security |
needed
|
| 5.10-bullseye-security |
needed
|
