Description
A Improper Access Control vulnerability in the kernel of SUSE SUSE Linux Enterprise Server 12 SP5 breaks nftables, causing firewall rules applied via nftables to not be effective.This issue affects SUSE Linux Enterprise Server: from 9e6d9d4601768c75fdb0bad3fbbe636e748939c2 before 9c294edb7085fb91650bc12233495a8974c5ff2d.
References (1)
Core 1
Core References
Issue Tracking
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2026-25702
Scores
CVSS v3
7.3
EPSS
0.0006
EPSS Percentile
18.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-284
Status
published
Products (1)
suse/linux_enterprise_server
12 sp5
Published
Mar 05, 2026
Tracked Since
Mar 05, 2026