CVE-2026-23139

Feb. 14, 2026, 4:15 p.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conncount: update last_gc only when GC has been performed Currently last_gc is being updated everytime a new connection is tracked, that means that it is updated even if a GC wasn't performed. With a sufficiently high packet rate, it is possible to always bypass the GC, causing the list to grow infinitely. Update the last_gc value only when a GC has been actually performed.

Product(s) Impacted

Vendor Product Versions
Linux
  • Linux Kernel
  • Netfilter
  • *
  • *

Weaknesses

Common security weaknesses mapped to this vulnerability.

*CPE(s)

Affected systems and software identified for this CVE.

Type Vendor Product Version Update Edition Language Software Edition Target Software Target Hardware Other Information
a linux linux_kernel / / / / / / / /
a linux netfilter / / / / / / / /

References

https://git.kernel.org/stable/c/26a82dce2beee39c43c109d9647e16f49cb02a35
https://git.kernel.org/stable/c/2c7c71113ed6d3e2f3aca4c088f22283016ff34f
https://git.kernel.org/stable/c/3cd717359e56f82f06cbf8279b47a7d79880c6f3
https://git.kernel.org/stable/c/7811ba452402d58628e68faedf38745b3d485e3c
https://git.kernel.org/stable/c/8bdafdf4900040a81422056cabe5e00a37bd101a
https://git.kernel.org/stable/c/9f45588993d7f115280fc726119ca86fba32a811
https://git.kernel.org/stable/c/c4cde57c8affdcca5bcff53a1047e15d268bdca1

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2026-02-14
CVE-2026-23139

Timeline

Published: Feb. 14, 2026, 4:15 p.m.
Last Modified: Feb. 14, 2026, 4:15 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.