Heap Buffer Over-Read in pam_authnft by identd-ng
CVE-2026-43916

8.7HIGH

Key Information:

Vendor: Identd-ng
Status: Pam Authnft
Vendor: CVE Published:; 12 May 2026

What is CVE-2026-43916?

The pam_authnft module, which integrates nftables firewall rules with authenticated sessions via cgroupv2 inodes, features a vulnerability in versions prior to 0.2.0-alpha. This flaw allows a crafted NETLINK_SOCK_DIAG reply to bypass the message-size check, leading to potential dereferencing beyond the allocated memory limits in the peer_lookup_tcp function. This oversight could be exploited to affect system stability or security, making it crucial for users to update to the latest version to mitigate any associated risks.

Affected Version(s)

pam_authnft < 0.2.0-alpha

References

https://github.com/identd-ng/pam_authnft/security/advisor...

x_refsource_CONFIRM

https://github.com/identd-ng/pam_authnft/pull/10

x_refsource_MISC

CVSS V4

Score:

8.7

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 12, 2026
Vulnerability Reserved
May 4, 2026

CVE-2026-43916 Data

JSON

Identd-ng

What is CVE-2026-43916?

Affected Version(s)

References

CVSS V4

Timeline