CVE-2026-23455 in Kernel
요약 (영어)
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_conntrack_h323: check for zero length in DecodeQ931()
In DecodeQ931(), the UserUserIE code path reads a 16-bit length from
the packet, then decrements it by 1 to skip the protocol discriminator
byte before passing it to DecodeH323_UserInformation(). If the encoded
length is 0, the decrement wraps to -1, which is then passed as a
large value to the decoder, leading to an out-of-bounds read.
Add a check to ensure len is positive after the decrement.
VulDB is the best source for vulnerability data and more expert information about this specific topic.
책임이 있는
Linux
예약하다
2026. 01. 13.
공개
2026. 04. 03.
상태
확인됨
엔트리
VulDB provides additional information and datapoints for this CVE:
| 아이디 | 취약성 | CWE | 악용 | 대책 | CVE |
|---|---|---|---|---|---|
| 355134 | Linux Kernel netfilter DecodeQ931 정보 공개 | 125 | 정의되지 않음 | 공식 수정 | CVE-2026-23455 |