Network Traffic Filtering Vulnerability in Linux Kernel
CVE-2026-52920

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 24 June 2026

What is CVE-2026-52920?

A vulnerability in the Linux kernel's netfilter component has been identified that affects strict mode inbound policy matching. The issue arises in the match_policy_in() function, which processes security path entries incorrectly when evaluating strict match policies. This misalignment can result in inconsistent matching of multi-element inbound rules, potentially leading to unauthorized access or unintended traffic filtering. It is essential for users to ensure they are running updated versions of the Linux kernel to mitigate these risks effectively.

Affected Version(s)

Linux c4b885139203d37f76662c37ae645fe8e0f4e4e5

References

https://git.kernel.org/stable/c/eb323f7b82d2e2f638de0cc2a...

https://git.kernel.org/stable/c/fc1c518bb1f054831ecabb32d...

https://git.kernel.org/stable/c/f98b7f85e04b40e28b08c461d...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 24, 2026
Vulnerability Reserved
Jun 9, 2026

CVE-2026-52920 Data

JSON