Robustness Fix in Linux Kernel for NAT Helpers Issue
CVE-2026-53349

Currently unrated

Key Information:

Vendor

Linux

Status
Vendor
CVE Published:
1 July 2026

What is CVE-2026-53349?

A robustness issue in the Linux kernel's NAT helpers involves stale expectations remaining in the expectation table upon module removal. Specifically, when NAT helpers, such as nf_nat_h323, are unloaded while active connections exist, they leave behind dangling pointers to freed module text. This can lead to severe errors when the connection attempts to invoke a function that no longer exists. The introduction of nf_ct_helper_expectfn_destroy() addresses this by ensuring that all expectations referencing the unloaded module are properly cleared, thus preventing any potential crashes or unexpected behavior during network operations.

Affected Version(s)

Linux f587de0e2feb9eb9b94f98d0a7b7437e4d6617b4

Linux f587de0e2feb9eb9b94f98d0a7b7437e4d6617b4 < 29d8cc44bbdf7b83a1929912214afe6643c1b4f1

Linux f587de0e2feb9eb9b94f98d0a7b7437e4d6617b4

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.