CVE-2026-52921
MEDIUMnetfilter: ipset: stop hash:* range iteration at end
Title source: cnaDescription
In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: stop hash:* range iteration at end The following hash set variants: hash:ip,mark hash:ip,port hash:ip,port,ip hash:ip,port,net iterate IPv4 ranges with a 32-bit iterator. The iterator must stop once the last address in the requested range has been processed. Advancing it once more can move the traversal state past the end of the request, so a later retry may continue from an unintended position. Handle the iterator increment explicitly at the end of the loop and stop once the upper bound has been processed. This keeps the existing retry behaviour intact for valid ranges while preventing traversal from continuing past the original boundary.
References (8)
Core 8
Core References
Scores
CVSS v3
5.5
EPSS
0.0011
EPSS Percentile
1.7%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-835
Status
published
Products (28)
linux/Kernel
4.14.0 - 5.10.258linux
linux/Kernel
5.11.0 - 5.15.209linux
linux/Kernel
5.16.0 - 6.1.175linux
linux/Kernel
6.13.0 - 6.18.34linux
linux/Kernel
6.19.0 - 7.0.11linux
linux/Kernel
6.2.0 - 6.6.142linux
linux/Kernel
6.7.0 - 6.12.92linux
Linux/Linux
< 4.14
Linux/Linux
4.14
Linux/Linux
48596a8ddc46f96afb6a2cd72787cb15d6bb01fc - 02f75f041a93ea045834da89cd3234f4c1d749b4
... and 18 more
Published
Jun 24, 2026
Tracked Since
Jun 24, 2026