VYPR
High severity7.5NVD Advisory· Published Feb 14, 2026· Updated Apr 3, 2026

CVE-2026-23139

CVE-2026-23139

Description

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nf_conncount: update last_gc only when GC has been performed

Currently last_gc is being updated everytime a new connection is tracked, that means that it is updated even if a GC wasn't performed. With a sufficiently high packet rate, it is possible to always bypass the GC, causing the list to grow infinitely.

Update the last_gc value only when a GC has been actually performed.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

75

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.