Use-after-free in Linux kernel's netfilter: nf_tables component
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The function nft_pipapo_walk did not skip inactive elements during set walk which could lead double deactivations of PIPAPO (Pile Packet Policies) elements, leading to use-after-free. We recommend upgrading past commit 317eb9685095678f2c9f5a8189de698c5354316a.
Affected products
- <6.7
Matching in nixpkgs
pkgs.coq-kernel
None
pkgs.kernelshark
GUI for trace-cmd which is an interface for the Linux kernel ftrace subsystem
-
nixos-unstable -
- nixpkgs-unstable 2.4.0
pkgs.linuxPackages.zfs_2_2
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.2.8-6.12.47
pkgs.linuxPackages.zfs_2_3
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.3.4-6.12.47
pkgs.kernel-hardening-checker
Tool for checking the security hardening options of the Linux kernel
-
nixos-unstable -
- nixpkgs-unstable 0.6.10.2
pkgs.linuxPackages.linux-gpib
Support package for GPIB (IEEE 488) hardware
-
nixos-unstable -
- nixpkgs-unstable 4.3.6
pkgs.linuxPackages_lqx.zfs_2_3
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.3.4-6.16.5
pkgs.linuxPackages_zen.zfs_2_3
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.3.4-6.16.5
pkgs.python312Packages.kernels
Load compute kernels from the Huggingface Hub
-
nixos-unstable -
- nixpkgs-unstable 0.10.0
pkgs.python313Packages.kernels
Load compute kernels from the Huggingface Hub
-
nixos-unstable -
- nixpkgs-unstable 0.10.0
pkgs.linuxPackages.zfs_unstable
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.4.0-rc1-6.12.47
pkgs.linuxPackages-libre.zfs_2_2
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.2.8-6.12.47
pkgs.linuxPackages-libre.zfs_2_3
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.3.4-6.12.47
pkgs.python312Packages.ipykernel
IPython Kernel for Jupyter
-
nixos-unstable -
- nixpkgs-unstable 6.30.1
pkgs.python313Packages.ipykernel
IPython Kernel for Jupyter
-
nixos-unstable -
- nixpkgs-unstable 6.30.1
pkgs.linuxPackages_latest.zfs_2_3
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.3.4-6.16.7
pkgs.linuxPackages_lqx.linux-gpib
Support package for GPIB (IEEE 488) hardware
-
nixos-unstable -
- nixpkgs-unstable 4.3.6
pkgs.linuxPackages_xanmod.zfs_2_2
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.2.8-6.12.47
pkgs.linuxPackages_xanmod.zfs_2_3
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.3.4-6.12.47
pkgs.linuxPackages_zen.linux-gpib
Support package for GPIB (IEEE 488) hardware
-
nixos-unstable -
- nixpkgs-unstable 4.3.6
pkgs.python312Packages.nix-kernel
Simple jupyter kernel for nix-repl
-
nixos-unstable -
- nixpkgs-unstable 2020-04-26
pkgs.python313Packages.nix-kernel
Simple jupyter kernel for nix-repl
-
nixos-unstable -
- nixpkgs-unstable 2020-04-26
pkgs.python312Packages.bash-kernel
Bash Kernel for Jupyter
-
nixos-unstable -
- nixpkgs-unstable 0.10.0
pkgs.python313Packages.bash-kernel
Bash Kernel for Jupyter
-
nixos-unstable -
- nixpkgs-unstable 0.10.0
pkgs.haskellPackages.ipython-kernel
A library for creating kernels for IPython frontends
-
nixos-unstable -
- nixpkgs-unstable 0.11.0.0
pkgs.linuxPackages-libre.linux-gpib
Support package for GPIB (IEEE 488) hardware
-
nixos-unstable -
- nixpkgs-unstable 4.3.6
pkgs.linuxPackages_lqx.zfs_unstable
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.4.0-rc1-6.16.5
pkgs.linuxPackages_zen.zfs_unstable
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.4.0-rc1-6.16.5
pkgs.rocmPackages.composable_kernel
Performance portable programming model for machine learning tensor operators
-
nixos-unstable -
- nixpkgs-unstable 6.4.0-unstable-2024-12-20
pkgs.linuxPackages_latest.linux-gpib
Support package for GPIB (IEEE 488) hardware
-
nixos-unstable -
- nixpkgs-unstable 4.3.6
pkgs.linuxPackages_xanmod.linux-gpib
Support package for GPIB (IEEE 488) hardware
-
nixos-unstable -
- nixpkgs-unstable 4.3.6
pkgs.gnomeExtensions.kernel-indicator
Display the kernel version in the top bar
-
nixos-unstable -
- nixpkgs-unstable 4
pkgs.linuxPackages-libre.zfs_unstable
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.4.0-rc1-6.12.47
pkgs.python312Packages.ansible-kernel
Ansible kernel for Jupyter
-
nixos-unstable -
- nixpkgs-unstable 1.0.0
pkgs.python312Packages.spyder-kernels
Jupyter kernels for Spyder's console
-
nixos-unstable -
- nixpkgs-unstable 3.1.0b1
pkgs.python313Packages.ansible-kernel
Ansible kernel for Jupyter
-
nixos-unstable -
- nixpkgs-unstable 1.0.0
pkgs.python313Packages.spyder-kernels
Jupyter kernels for Spyder's console
-
nixos-unstable -
- nixpkgs-unstable 3.1.0b1
pkgs.rocmPackages_6.composable_kernel
Performance portable programming model for machine learning tensor operators
-
nixos-unstable -
- nixpkgs-unstable 6.4.0-unstable-2024-12-20
pkgs.linuxPackages_latest.zfs_unstable
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.4.0-rc1-6.16.7
pkgs.linuxPackages_xanmod.zfs_unstable
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.4.0-rc1-6.12.47
pkgs.linuxPackages_latest-libre.zfs_2_3
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.3.4-6.16.7
pkgs.python312Packages.jupyter-c-kernel
Minimalistic C kernel for Jupyter
-
nixos-unstable -
- nixpkgs-unstable 1.2.2
pkgs.python313Packages.jupyter-c-kernel
Minimalistic C kernel for Jupyter
-
nixos-unstable -
- nixpkgs-unstable 1.2.2
pkgs.linuxPackages_xanmod_stable.zfs_2_3
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.3.4-6.16.7
pkgs.linuxPackages_latest-libre.linux-gpib
Support package for GPIB (IEEE 488) hardware
-
nixos-unstable -
- nixpkgs-unstable 4.3.6
pkgs.linuxKernel.packages.linux_5_4.zfs_2_2
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.2.8-5.4.299
pkgs.linuxKernel.packages.linux_5_4.zfs_2_3
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.3.4-5.4.299
pkgs.linuxKernel.packages.linux_6_1.zfs_2_2
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.2.8-6.1.152
pkgs.linuxKernel.packages.linux_6_1.zfs_2_3
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.3.4-6.1.152
pkgs.linuxKernel.packages.linux_6_6.zfs_2_2
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.2.8-6.6.106
pkgs.linuxKernel.packages.linux_6_6.zfs_2_3
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.3.4-6.6.106
pkgs.linuxKernel.packages.linux_lqx.zfs_2_3
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.3.4-6.16.5
pkgs.linuxKernel.packages.linux_zen.zfs_2_3
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.3.4-6.16.5
pkgs.linuxPackages_xanmod_stable.linux-gpib
Support package for GPIB (IEEE 488) hardware
-
nixos-unstable -
- nixpkgs-unstable 4.3.6
pkgs.linuxKernel.packages.linux_5_10.zfs_2_2
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.2.8-5.10.244
pkgs.linuxKernel.packages.linux_5_10.zfs_2_3
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.3.4-5.10.244
pkgs.linuxKernel.packages.linux_5_15.zfs_2_2
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.2.8-5.15.193
pkgs.linuxKernel.packages.linux_5_15.zfs_2_3
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.3.4-5.15.193
pkgs.linuxKernel.packages.linux_6_12.zfs_2_2
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.2.8-6.12.47
pkgs.linuxKernel.packages.linux_6_12.zfs_2_3
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.3.4-6.12.47
pkgs.linuxKernel.packages.linux_6_16.zfs_2_3
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.3.4-6.16.7
pkgs.linuxPackages_latest-libre.zfs_unstable
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.4.0-rc1-6.16.7
pkgs.linuxKernel.packages.linux_libre.zfs_2_2
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.2.8-6.12.47
pkgs.linuxKernel.packages.linux_libre.zfs_2_3
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.3.4-6.12.47
pkgs.linuxPackages_xanmod_stable.zfs_unstable
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.4.0-rc1-6.16.7
pkgs.home-assistant-component-tests.hardkernel
Open source home automation that puts local control and privacy first
-
nixos-unstable -
- nixpkgs-unstable 2025.9.3
pkgs.linuxKernel.packages.linux_5_4.linux-gpib
Support package for GPIB (IEEE 488) hardware
-
nixos-unstable -
- nixpkgs-unstable 4.3.6
pkgs.linuxKernel.packages.linux_6_1.linux-gpib
Support package for GPIB (IEEE 488) hardware
-
nixos-unstable -
- nixpkgs-unstable 4.3.6
pkgs.linuxKernel.packages.linux_6_6.linux-gpib
Support package for GPIB (IEEE 488) hardware
-
nixos-unstable -
- nixpkgs-unstable 4.3.6
pkgs.linuxKernel.packages.linux_lqx.linux-gpib
Support package for GPIB (IEEE 488) hardware
-
nixos-unstable -
- nixpkgs-unstable 4.3.6
pkgs.linuxKernel.packages.linux_xanmod.zfs_2_2
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.2.8-6.12.47
pkgs.linuxKernel.packages.linux_xanmod.zfs_2_3
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.3.4-6.12.47
pkgs.linuxKernel.packages.linux_zen.linux-gpib
Support package for GPIB (IEEE 488) hardware
-
nixos-unstable -
- nixpkgs-unstable 4.3.6
pkgs.linuxKernel.packages.linux_5_10.linux-gpib
Support package for GPIB (IEEE 488) hardware
-
nixos-unstable -
- nixpkgs-unstable 4.3.6
pkgs.linuxKernel.packages.linux_5_15.linux-gpib
Support package for GPIB (IEEE 488) hardware
-
nixos-unstable -
- nixpkgs-unstable 4.3.6
pkgs.linuxKernel.packages.linux_6_12.linux-gpib
Support package for GPIB (IEEE 488) hardware
-
nixos-unstable -
- nixpkgs-unstable 4.3.6
pkgs.linuxKernel.packages.linux_6_16.linux-gpib
Support package for GPIB (IEEE 488) hardware
-
nixos-unstable -
- nixpkgs-unstable 4.3.6
pkgs.linuxKernel.packages.linux_5_4.zfs_unstable
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.4.0-rc1-5.4.299
pkgs.linuxKernel.packages.linux_6_1.zfs_unstable
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.4.0-rc1-6.1.152
pkgs.linuxKernel.packages.linux_6_6.zfs_unstable
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.4.0-rc1-6.6.106
pkgs.linuxKernel.packages.linux_hardened.zfs_2_2
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.2.8-6.12.43
pkgs.linuxKernel.packages.linux_hardened.zfs_2_3
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.3.4-6.12.43
pkgs.linuxKernel.packages.linux_libre.linux-gpib
Support package for GPIB (IEEE 488) hardware
-
nixos-unstable -
- nixpkgs-unstable 4.3.6
pkgs.linuxKernel.packages.linux_lqx.zfs_unstable
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.4.0-rc1-6.16.5
pkgs.linuxKernel.packages.linux_zen.zfs_unstable
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.4.0-rc1-6.16.5
pkgs.linuxKernel.packages.linux_5_10.zfs_unstable
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.4.0-rc1-5.10.244
pkgs.linuxKernel.packages.linux_5_15.zfs_unstable
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.4.0-rc1-5.15.193
pkgs.linuxKernel.packages.linux_6_12.zfs_unstable
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.4.0-rc1-6.12.47
pkgs.linuxKernel.packages.linux_6_16.zfs_unstable
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.4.0-rc1-6.16.7
pkgs.linuxKernel.packages.linux_xanmod.linux-gpib
Support package for GPIB (IEEE 488) hardware
-
nixos-unstable -
- nixpkgs-unstable 4.3.6
pkgs.linuxKernel.packages.linux_libre.zfs_unstable
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.4.0-rc1-6.12.47
pkgs.linuxKernel.packages.linux_hardened.linux-gpib
Support package for GPIB (IEEE 488) hardware
-
nixos-unstable -
- nixpkgs-unstable 4.3.6
pkgs.linuxKernel.packages.linux_xanmod.zfs_unstable
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.4.0-rc1-6.12.47
pkgs.linuxKernel.packages.linux_latest_libre.zfs_2_3
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.3.4-6.16.7
pkgs.linuxKernel.packages.linux_6_12_hardened.zfs_2_2
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.2.8-6.12.43
pkgs.linuxKernel.packages.linux_6_12_hardened.zfs_2_3
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.3.4-6.12.43
pkgs.linuxKernel.packages.linux_hardened.zfs_unstable
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.4.0-rc1-6.12.43
pkgs.linuxKernel.packages.linux_xanmod_stable.zfs_2_3
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.3.4-6.16.7
pkgs.linuxKernel.packages.linux_latest_libre.linux-gpib
Support package for GPIB (IEEE 488) hardware
-
nixos-unstable -
- nixpkgs-unstable 4.3.6
pkgs.linuxKernel.packages.linux_6_12_hardened.linux-gpib
Support package for GPIB (IEEE 488) hardware
-
nixos-unstable -
- nixpkgs-unstable 4.3.6
pkgs.linuxKernel.packages.linux_xanmod_stable.linux-gpib
Support package for GPIB (IEEE 488) hardware
-
nixos-unstable -
- nixpkgs-unstable 4.3.6
pkgs.linuxKernel.packages.linux_latest_libre.zfs_unstable
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.4.0-rc1-6.16.7
pkgs.linuxKernel.packages.linux_6_12_hardened.zfs_unstable
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.4.0-rc1-6.12.43
pkgs.linuxKernel.packages.linux_xanmod_stable.zfs_unstable
ZFS Filesystem Linux Kernel Module
-
nixos-unstable -
- nixpkgs-unstable 2.4.0-rc1-6.16.7
Package maintainers
-
@honnip Jung seungwoo <me@honnip.page>
-
@mweinelt Martin Weinelt <hexa@darmstadt.ccc.de>
-
@fabaff Fabian Affolter <mail@fabian-affolter.ch>
-
@dotlambda Robert Schütz <rschuetz17@gmail.com>
-
@erdnaxe Alexandre Iooss <erdnaxe@crans.org>
-
@basvandijk Bas van Dijk <v.dijk.bas@gmail.com>
-
@Sigmanificient Yohann Boniface <sigmanificient@gmail.com>
-
@fsagbuya Florian Agbuya <fa@m-labs.ph>
-
@amarshall Andrew Marshall <andrew@johnandrewmarshall.com>
-
@adamcstephens Adam C. Stephens <happy.plan4249@valkor.net>
-
@zimbatm zimbatm <zimbatm@zimbatm.com>
-
@GaetanLepage Gaetan Lepage <gaetan@glepage.com>
-
@natsukium Tomoya Otabi <nixpkgs@natsukium.com>
-
@thomasjm Tom McLaughlin <tom@codedown.io>
-
@osbm Osman Bayram <osmanfbayram@gmail.com>
-
@LunNova Luna Nova <nixpkgs-maintainer@lunnova.dev>
-
@Flakebi Sebastian Neubauer <flakebi@t-online.de>
-
@mschwaig Martin Schwaighofer <mschwaig+nixpkgs@eml.cc>
-
@GZGavinZhao Gavin Zhao