CVE-2026-53002

Source
https://cve.org/CVERecord?id=CVE-2026-53002
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-53002.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2026-53002
Downstream
Published
2026-06-24T16:29:14.391Z
Modified
2026-07-16T03:32:40.877812398Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
netfilter: conntrack: remove sprintf usage
Details

In the Linux kernel, the following vulnerability has been resolved:

netfilter: conntrack: remove sprintf usage

Replace it with scnprintf, the buffer sizes are expected to be large enough to hold the result, no need for snprintf+overflow check.

Increase buffer size in manglecontentlen() while at it.

BUG: KASAN: stack-out-of-bounds in vsnprintf+0xea5/0x1270 Write of size 1 at addr [..] vsnprintf+0xea5/0x1270 sprintf+0xb1/0xe0 manglecontentlen+0x1ac/0x280 nfnatsdpsession+0x1cc/0x240 processsdp+0x8f8/0xb80 processinviterequest+0x108/0x2b0 processsipmsg+0x5da/0xf50 siphelptcp+0x45e/0x780 nf_confirm+0x34d/0x990 [..]

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/53xxx/CVE-2026-53002.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
9fafcd7b203229c3f3893a475741afc27e276306
Fixed
2f793ba78470a99f40389b7dc60a81d9f5ad3956
Fixed
6bbf829b4c1b44c941c47dd0d710f1393258f3d5
Fixed
ab64e61c9323fa6de21bd20da1ddb29a0fb65d34
Fixed
1c9fb8aeed06790d42cdcd00f6c3ce0b9e926c1e
Fixed
a8e0a32a23d3f34862af3b4da792ecb3a891a9a3
Fixed
8e3be0d12615a173fe260cd42753ca7a001acbf2
Fixed
c08ff52e44945e6ef4ce0790f49ea761b060c45b
Fixed
6e7066bdb481a87fe88c4fa563e348c03b2d373d

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-53002.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
2.6.20
Fixed
5.10.258
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.209
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.175
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.141
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.91
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.18.33
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
7.0.10

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-53002.json"