Common vulnerabilities and Exposures (CVE)

Skip to main content

Required CVE Record Information

Description

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_socket: remove WARN_ON_ONCE on maximum cgroup level cgroup maximum depth is INT_MAX by default, there is a cgroup toggle to restrict this maximum depth to a more reasonable value not to harm performance. Remove unnecessary WARN_ON_ONCE which is reachable from userspace.

Product Status

Learn more

Versions 4 Total

Default Status: unaffected

affected

  • affected from ace0db36b4a1db07a48517c4f04488d1cd05e5f5 before 7064a6daa4a700a298fe3aee11dea296bfe59fc4 
  • affected from f07e28e4c623168f9fa5c00f518bd341d4014aa6 before 2f9bec0a749eb646b384fde0c7b7c24687b2ffae 
  • affected from 7f3287db654395f9c5ddd246325ff7889f550286 before e227c042580ab065edc610c9ddc9bea691e6fc4d 
  • affected from 7f3287db654395f9c5ddd246325ff7889f550286 before b7529880cb961d515642ce63f9d7570869bbbdc3 

Versions 6 Total

Default Status: affected

affected

  • affected at 6.11 

unaffected

  • unaffected from before 6.11 
  • unaffected from 6.1.120 through 6.1.* 
  • unaffected from 6.6.66 through 6.6.* 
  • unaffected from 6.12.5 through 6.12.* 
  • unaffected from 6.13