Vulnerability-Lookup

CVE-2026-52921 (GCVE-0-2026-52921)

Vulnerability from cvelistv5 – Published: 2026-06-24 07:14 – Updated: 2026-06-24 07:14

Title

netfilter: ipset: stop hash:* range iteration at end

Summary

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: stop hash:* range iteration at end The following hash set variants: hash:ip,mark hash:ip,port hash:ip,port,ip hash:ip,port,net iterate IPv4 ranges with a 32-bit iterator. The iterator must stop once the last address in the requested range has been processed. Advancing it once more can move the traversal state past the end of the request, so a later retry may continue from an unintended position. Handle the iterator increment explicitly at the end of the loop and stop once the upper bound has been processed. This keeps the existing retry behaviour intact for valid ranges while preventing traversal from continuing past the original boundary.

Severity

No CVSS data available.

Assigner

Linux

References

8 references

URL	Tags
https://git.kernel.org/stable/c/be75218fadea22e59…
https://git.kernel.org/stable/c/383418c20e69f5761…
https://git.kernel.org/stable/c/0d7b33ace701fe397…
https://git.kernel.org/stable/c/c281e018af98df918…
https://git.kernel.org/stable/c/02f75f041a93ea045…
https://git.kernel.org/stable/c/952e988163c2ab993…
https://git.kernel.org/stable/c/0b530efb2cc9dbddd…
https://git.kernel.org/stable/c/0d3a282ab5f165fc2…

Impacted products

2 products

Vendor	Product	Version
Linux	Linux	Affected: 48596a8ddc46f96afb6a2cd72787cb15d6bb01fc , < be75218fadea22e59c8673db212f29c681bf45bb (git) Affected: 48596a8ddc46f96afb6a2cd72787cb15d6bb01fc , < 383418c20e69f5761b6ec5238f599423f4fb77fb (git) Affected: 48596a8ddc46f96afb6a2cd72787cb15d6bb01fc , < 0d7b33ace701fe397e6e4de145f32e098178d901 (git) Affected: 48596a8ddc46f96afb6a2cd72787cb15d6bb01fc , < c281e018af98df91827d65bec00f4956c00a1b02 (git) Affected: 48596a8ddc46f96afb6a2cd72787cb15d6bb01fc , < 02f75f041a93ea045834da89cd3234f4c1d749b4 (git) Affected: 48596a8ddc46f96afb6a2cd72787cb15d6bb01fc , < 952e988163c2ab9939c3db9f0f8e77af6a1bb436 (git) Affected: 48596a8ddc46f96afb6a2cd72787cb15d6bb01fc , < 0b530efb2cc9dbdddfd49d392e3a857f0d4ce8dc (git) Affected: 48596a8ddc46f96afb6a2cd72787cb15d6bb01fc , < 0d3a282ab5f165fc207ff49ea5b6ad8f54616bd6 (git)
Linux	Linux	Affected: 4.14 Unaffected: 0 , < 4.14 (semver) Unaffected: 5.10.258 , ≤ 5.10.* (semver) Unaffected: 5.15.209 , ≤ 5.15.* (semver) Unaffected: 6.1.175 , ≤ 6.1.* (semver) Unaffected: 6.6.142 , ≤ 6.6.* (semver) Unaffected: 6.12.92 , ≤ 6.12.* (semver) Unaffected: 6.18.34 , ≤ 6.18.* (semver) Unaffected: 7.0.11 , ≤ 7.0.* (semver) Unaffected: 7.1 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/netfilter/ipset/ip_set_hash_ipmark.c",
            "net/netfilter/ipset/ip_set_hash_ipport.c",
            "net/netfilter/ipset/ip_set_hash_ipportip.c",
            "net/netfilter/ipset/ip_set_hash_ipportnet.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "be75218fadea22e59c8673db212f29c681bf45bb",
              "status": "affected",
              "version": "48596a8ddc46f96afb6a2cd72787cb15d6bb01fc",
              "versionType": "git"
            },
            {
              "lessThan": "383418c20e69f5761b6ec5238f599423f4fb77fb",
              "status": "affected",
              "version": "48596a8ddc46f96afb6a2cd72787cb15d6bb01fc",
              "versionType": "git"
            },
            {
              "lessThan": "0d7b33ace701fe397e6e4de145f32e098178d901",
              "status": "affected",
              "version": "48596a8ddc46f96afb6a2cd72787cb15d6bb01fc",
              "versionType": "git"
            },
            {
              "lessThan": "c281e018af98df91827d65bec00f4956c00a1b02",
              "status": "affected",
              "version": "48596a8ddc46f96afb6a2cd72787cb15d6bb01fc",
              "versionType": "git"
            },
            {
              "lessThan": "02f75f041a93ea045834da89cd3234f4c1d749b4",
              "status": "affected",
              "version": "48596a8ddc46f96afb6a2cd72787cb15d6bb01fc",
              "versionType": "git"
            },
            {
              "lessThan": "952e988163c2ab9939c3db9f0f8e77af6a1bb436",
              "status": "affected",
              "version": "48596a8ddc46f96afb6a2cd72787cb15d6bb01fc",
              "versionType": "git"
            },
            {
              "lessThan": "0b530efb2cc9dbdddfd49d392e3a857f0d4ce8dc",
              "status": "affected",
              "version": "48596a8ddc46f96afb6a2cd72787cb15d6bb01fc",
              "versionType": "git"
            },
            {
              "lessThan": "0d3a282ab5f165fc207ff49ea5b6ad8f54616bd6",
              "status": "affected",
              "version": "48596a8ddc46f96afb6a2cd72787cb15d6bb01fc",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/netfilter/ipset/ip_set_hash_ipmark.c",
            "net/netfilter/ipset/ip_set_hash_ipport.c",
            "net/netfilter/ipset/ip_set_hash_ipportip.c",
            "net/netfilter/ipset/ip_set_hash_ipportnet.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.14"
            },
            {
              "lessThan": "4.14",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.258",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.209",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.175",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.142",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.92",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.18.*",
              "status": "unaffected",
              "version": "6.18.34",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.0.*",
              "status": "unaffected",
              "version": "7.0.11",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "7.1",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.258",
                  "versionStartIncluding": "4.14",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.209",
                  "versionStartIncluding": "4.14",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.175",
                  "versionStartIncluding": "4.14",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.142",
                  "versionStartIncluding": "4.14",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.92",
                  "versionStartIncluding": "4.14",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.18.34",
                  "versionStartIncluding": "4.14",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "7.0.11",
                  "versionStartIncluding": "4.14",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "7.1",
                  "versionStartIncluding": "4.14",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ipset: stop hash:* range iteration at end\n\nThe following hash set variants:\n\nhash:ip,mark\nhash:ip,port\nhash:ip,port,ip\nhash:ip,port,net\n\niterate IPv4 ranges with a 32-bit iterator.\n\nThe iterator must stop once the last address in the requested range has\nbeen processed. Advancing it once more can move the traversal state past\nthe end of the request, so a later retry may continue from an unintended\nposition.\n\nHandle the iterator increment explicitly at the end of the loop and stop\nonce the upper bound has been processed. This keeps the existing retry\nbehaviour intact for valid ranges while preventing traversal from\ncontinuing past the original boundary."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-24T07:14:16.533Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/be75218fadea22e59c8673db212f29c681bf45bb"
        },
        {
          "url": "https://git.kernel.org/stable/c/383418c20e69f5761b6ec5238f599423f4fb77fb"
        },
        {
          "url": "https://git.kernel.org/stable/c/0d7b33ace701fe397e6e4de145f32e098178d901"
        },
        {
          "url": "https://git.kernel.org/stable/c/c281e018af98df91827d65bec00f4956c00a1b02"
        },
        {
          "url": "https://git.kernel.org/stable/c/02f75f041a93ea045834da89cd3234f4c1d749b4"
        },
        {
          "url": "https://git.kernel.org/stable/c/952e988163c2ab9939c3db9f0f8e77af6a1bb436"
        },
        {
          "url": "https://git.kernel.org/stable/c/0b530efb2cc9dbdddfd49d392e3a857f0d4ce8dc"
        },
        {
          "url": "https://git.kernel.org/stable/c/0d3a282ab5f165fc207ff49ea5b6ad8f54616bd6"
        }
      ],
      "title": "netfilter: ipset: stop hash:* range iteration at end",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2026-52921",
    "datePublished": "2026-06-24T07:14:16.533Z",
    "dateReserved": "2026-06-09T07:44:35.367Z",
    "dateUpdated": "2026-06-24T07:14:16.533Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2026-52921",
      "date": "2026-06-29",
      "epss": "0.00164",
      "percentile": "0.0601"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2026-52921\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2026-06-24T08:16:22.067\",\"lastModified\":\"2026-06-24T08:16:22.067\",\"vulnStatus\":\"Received\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nnetfilter: ipset: stop hash:* range iteration at end\\n\\nThe following hash set variants:\\n\\nhash:ip,mark\\nhash:ip,port\\nhash:ip,port,ip\\nhash:ip,port,net\\n\\niterate IPv4 ranges with a 32-bit iterator.\\n\\nThe iterator must stop once the last address in the requested range has\\nbeen processed. Advancing it once more can move the traversal state past\\nthe end of the request, so a later retry may continue from an unintended\\nposition.\\n\\nHandle the iterator increment explicitly at the end of the loop and stop\\nonce the upper bound has been processed. This keeps the existing retry\\nbehaviour intact for valid ranges while preventing traversal from\\ncontinuing past the original boundary.\"}],\"affected\":[{\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"affectedData\":[{\"vendor\":\"Linux\",\"product\":\"Linux\",\"defaultStatus\":\"unaffected\",\"programFiles\":[\"net/netfilter/ipset/ip_set_hash_ipmark.c\",\"net/netfilter/ipset/ip_set_hash_ipport.c\",\"net/netfilter/ipset/ip_set_hash_ipportip.c\",\"net/netfilter/ipset/ip_set_hash_ipportnet.c\"],\"repo\":\"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\",\"versions\":[{\"version\":\"48596a8ddc46f96afb6a2cd72787cb15d6bb01fc\",\"lessThan\":\"be75218fadea22e59c8673db212f29c681bf45bb\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"48596a8ddc46f96afb6a2cd72787cb15d6bb01fc\",\"lessThan\":\"383418c20e69f5761b6ec5238f599423f4fb77fb\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"48596a8ddc46f96afb6a2cd72787cb15d6bb01fc\",\"lessThan\":\"0d7b33ace701fe397e6e4de145f32e098178d901\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"48596a8ddc46f96afb6a2cd72787cb15d6bb01fc\",\"lessThan\":\"c281e018af98df91827d65bec00f4956c00a1b02\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"48596a8ddc46f96afb6a2cd72787cb15d6bb01fc\",\"lessThan\":\"02f75f041a93ea045834da89cd3234f4c1d749b4\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"48596a8ddc46f96afb6a2cd72787cb15d6bb01fc\",\"lessThan\":\"952e988163c2ab9939c3db9f0f8e77af6a1bb436\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"48596a8ddc46f96afb6a2cd72787cb15d6bb01fc\",\"lessThan\":\"0b530efb2cc9dbdddfd49d392e3a857f0d4ce8dc\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"48596a8ddc46f96afb6a2cd72787cb15d6bb01fc\",\"lessThan\":\"0d3a282ab5f165fc207ff49ea5b6ad8f54616bd6\",\"versionType\":\"git\",\"status\":\"affected\"}]},{\"vendor\":\"Linux\",\"product\":\"Linux\",\"defaultStatus\":\"affected\",\"programFiles\":[\"net/netfilter/ipset/ip_set_hash_ipmark.c\",\"net/netfilter/ipset/ip_set_hash_ipport.c\",\"net/netfilter/ipset/ip_set_hash_ipportip.c\",\"net/netfilter/ipset/ip_set_hash_ipportnet.c\"],\"repo\":\"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\",\"versions\":[{\"version\":\"4.14\",\"status\":\"affected\"},{\"version\":\"0\",\"lessThan\":\"4.14\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"5.10.258\",\"lessThanOrEqual\":\"5.10.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"5.15.209\",\"lessThanOrEqual\":\"5.15.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"6.1.175\",\"lessThanOrEqual\":\"6.1.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"6.6.142\",\"lessThanOrEqual\":\"6.6.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"6.12.92\",\"lessThanOrEqual\":\"6.12.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"6.18.34\",\"lessThanOrEqual\":\"6.18.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"7.0.11\",\"lessThanOrEqual\":\"7.0.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"7.1\",\"lessThanOrEqual\":\"*\",\"versionType\":\"original_commit_for_fix\",\"status\":\"unaffected\"}]}]}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/02f75f041a93ea045834da89cd3234f4c1d749b4\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/0b530efb2cc9dbdddfd49d392e3a857f0d4ce8dc\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/0d3a282ab5f165fc207ff49ea5b6ad8f54616bd6\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/0d7b33ace701fe397e6e4de145f32e098178d901\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/383418c20e69f5761b6ec5238f599423f4fb77fb\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/952e988163c2ab9939c3db9f0f8e77af6a1bb436\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/be75218fadea22e59c8673db212f29c681bf45bb\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/c281e018af98df91827d65bec00f4956c00a1b02\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
  }
}

CERTFR-2026-AVI-0812

Vulnerability from certfr_avis - Published: 2026-06-29 - Updated: 2026-06-29

De multiples vulnérabilités ont été découvertes dans Microsoft Azure Linux. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Microsoft	Azure Linux	azl3 libssh2 1.11.1-2 versions antérieures à 1.11.1-3
Microsoft	Azure Linux	azl3 libssh2 1.11.1-3 versions antérieures à 1.11.1-3
Microsoft	Azure Linux	azl3 nodejs 24.14.1-3 versions antérieures à 24.17.0-1
Microsoft	Azure Linux	azl3 kernel 6.6.141.1-1 versions antérieures à 6.6.143.1-1

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft CVE-2026-53215	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53209	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-52912	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-9697	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53080	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53247	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53218	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53221	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53255	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-52926	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-52916	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-52924	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53239	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53254	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-9675	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-52930	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-52941	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53236	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53176	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-52942	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53268	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53266	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53160	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53148	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53270	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53217	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-52934	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53253	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-52943	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53227	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53182	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53230	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53186	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53184	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53161	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-52923	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53237	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53213	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-52947	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53245	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-52922	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53159	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53150	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53275	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53133	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53264	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53267	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53265	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53196	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53219	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53149	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53242	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53146	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53252	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53194	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-52919	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-52931	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-52921	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53181	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53154	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-52913	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53135	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53183	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53249	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53228	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53147	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53143	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53158	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-52915	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53238	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53263	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53207	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53225	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53214	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-55200	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53177	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53199	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-52927	2026-06-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-53274	2026-06-27	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "azl3 libssh2 1.11.1-2 versions ant\u00e9rieures \u00e0 1.11.1-3",
      "product": {
        "name": "Azure Linux",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "azl3 libssh2 1.11.1-3 versions ant\u00e9rieures \u00e0 1.11.1-3",
      "product": {
        "name": "Azure Linux",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "azl3 nodejs 24.14.1-3 versions ant\u00e9rieures \u00e0 24.17.0-1",
      "product": {
        "name": "Azure Linux",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "azl3 kernel 6.6.141.1-1 versions ant\u00e9rieures \u00e0 6.6.143.1-1",
      "product": {
        "name": "Azure Linux",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2026-9697",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-9697"
    },
    {
      "name": "CVE-2026-53230",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53230"
    },
    {
      "name": "CVE-2026-52934",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-52934"
    },
    {
      "name": "CVE-2026-53214",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53214"
    },
    {
      "name": "CVE-2026-53274",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53274"
    },
    {
      "name": "CVE-2026-52947",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-52947"
    },
    {
      "name": "CVE-2026-53218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53218"
    },
    {
      "name": "CVE-2026-53143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53143"
    },
    {
      "name": "CVE-2026-53161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53161"
    },
    {
      "name": "CVE-2026-52924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-52924"
    },
    {
      "name": "CVE-2026-53227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53227"
    },
    {
      "name": "CVE-2026-53239",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53239"
    },
    {
      "name": "CVE-2026-53181",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53181"
    },
    {
      "name": "CVE-2026-52943",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-52943"
    },
    {
      "name": "CVE-2026-52915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-52915"
    },
    {
      "name": "CVE-2026-53146",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53146"
    },
    {
      "name": "CVE-2026-52913",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-52913"
    },
    {
      "name": "CVE-2026-52941",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-52941"
    },
    {
      "name": "CVE-2026-53150",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53150"
    },
    {
      "name": "CVE-2026-53147",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53147"
    },
    {
      "name": "CVE-2026-52942",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-52942"
    },
    {
      "name": "CVE-2026-53183",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53183"
    },
    {
      "name": "CVE-2026-52931",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-52931"
    },
    {
      "name": "CVE-2026-52919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-52919"
    },
    {
      "name": "CVE-2026-53266",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53266"
    },
    {
      "name": "CVE-2026-53149",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53149"
    },
    {
      "name": "CVE-2026-53176",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53176"
    },
    {
      "name": "CVE-2026-53158",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53158"
    },
    {
      "name": "CVE-2026-53219",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53219"
    },
    {
      "name": "CVE-2026-53249",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53249"
    },
    {
      "name": "CVE-2026-53217",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53217"
    },
    {
      "name": "CVE-2026-52916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-52916"
    },
    {
      "name": "CVE-2026-53236",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53236"
    },
    {
      "name": "CVE-2026-53225",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53225"
    },
    {
      "name": "CVE-2026-52922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-52922"
    },
    {
      "name": "CVE-2026-53209",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53209"
    },
    {
      "name": "CVE-2026-53135",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53135"
    },
    {
      "name": "CVE-2026-52927",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-52927"
    },
    {
      "name": "CVE-2026-53237",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53237"
    },
    {
      "name": "CVE-2026-53186",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53186"
    },
    {
      "name": "CVE-2026-53182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53182"
    },
    {
      "name": "CVE-2026-53177",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53177"
    },
    {
      "name": "CVE-2026-53255",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53255"
    },
    {
      "name": "CVE-2026-53207",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53207"
    },
    {
      "name": "CVE-2026-53160",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53160"
    },
    {
      "name": "CVE-2026-53245",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53245"
    },
    {
      "name": "CVE-2026-53148",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53148"
    },
    {
      "name": "CVE-2026-53133",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53133"
    },
    {
      "name": "CVE-2026-53263",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53263"
    },
    {
      "name": "CVE-2026-53228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53228"
    },
    {
      "name": "CVE-2026-53194",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53194"
    },
    {
      "name": "CVE-2026-53242",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53242"
    },
    {
      "name": "CVE-2026-53199",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53199"
    },
    {
      "name": "CVE-2026-53247",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53247"
    },
    {
      "name": "CVE-2026-53268",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53268"
    },
    {
      "name": "CVE-2026-53159",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53159"
    },
    {
      "name": "CVE-2026-9675",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-9675"
    },
    {
      "name": "CVE-2026-53080",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53080"
    },
    {
      "name": "CVE-2026-53267",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53267"
    },
    {
      "name": "CVE-2026-52912",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-52912"
    },
    {
      "name": "CVE-2026-53221",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53221"
    },
    {
      "name": "CVE-2026-53275",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53275"
    },
    {
      "name": "CVE-2026-55200",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-55200"
    },
    {
      "name": "CVE-2026-53215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53215"
    },
    {
      "name": "CVE-2026-53253",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53253"
    },
    {
      "name": "CVE-2026-53252",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53252"
    },
    {
      "name": "CVE-2026-53270",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53270"
    },
    {
      "name": "CVE-2026-53264",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53264"
    },
    {
      "name": "CVE-2026-53184",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53184"
    },
    {
      "name": "CVE-2026-53254",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53254"
    },
    {
      "name": "CVE-2026-53238",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53238"
    },
    {
      "name": "CVE-2026-52921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-52921"
    },
    {
      "name": "CVE-2026-53213",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53213"
    },
    {
      "name": "CVE-2026-52930",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-52930"
    },
    {
      "name": "CVE-2026-53265",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53265"
    },
    {
      "name": "CVE-2026-52923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-52923"
    },
    {
      "name": "CVE-2026-53154",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53154"
    },
    {
      "name": "CVE-2026-53196",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-53196"
    },
    {
      "name": "CVE-2026-52926",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-52926"
    }
  ],
  "initial_release_date": "2026-06-29T00:00:00",
  "last_revision_date": "2026-06-29T00:00:00",
  "links": [],
  "reference": "CERTFR-2026-AVI-0812",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2026-06-29T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Microsoft Azure Linux. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Azure Linux",
  "vendor_advisories": [
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53215",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53215"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53209",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53209"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-52912",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52912"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-9697",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-9697"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53080",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53080"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53247",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53247"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53218",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53218"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53221",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53221"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53255",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53255"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-52926",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52926"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-52916",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52916"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-52924",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52924"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53239",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53239"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53254",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53254"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-9675",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-9675"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-52930",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52930"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-52941",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52941"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53236",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53236"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53176",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53176"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-52942",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52942"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53268",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53268"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53266",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53266"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53160",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53160"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53148",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53148"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53270",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53270"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53217",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53217"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-52934",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52934"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53253",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53253"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-52943",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52943"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53227",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53227"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53182",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53182"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53230",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53230"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53186",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53186"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53184",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53184"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53161",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53161"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-52923",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52923"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53237",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53237"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53213",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53213"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-52947",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52947"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53245",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53245"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-52922",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52922"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53159",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53159"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53150",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53150"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53275",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53275"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53133",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53133"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53264",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53264"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53267",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53267"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53265",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53265"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53196",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53196"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53219",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53219"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53149",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53149"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53242",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53242"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53146",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53146"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53252",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53252"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53194",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53194"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-52919",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52919"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-52931",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52931"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-52921",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52921"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53181",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53181"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53154",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53154"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-52913",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52913"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53135",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53135"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53183",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53183"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53249",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53249"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53228",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53228"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53147",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53147"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53143",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53143"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53158",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53158"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-52915",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52915"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53238",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53238"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53263",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53263"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53207",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53207"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53225",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53225"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53214",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53214"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-55200",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-55200"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53177",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53177"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53199",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53199"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-52927",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52927"
    },
    {
      "published_at": "2026-06-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-53274",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53274"
    }
  ]
}

GHSA-3V47-MWG3-XVQ2

Vulnerability from github – Published: 2026-06-24 09:30 – Updated: 2026-06-24 09:30

Details

In the Linux kernel, the following vulnerability has been resolved:

netfilter: ipset: stop hash:* range iteration at end

The following hash set variants:

hash:ip,mark hash:ip,port hash:ip,port,ip hash:ip,port,net

iterate IPv4 ranges with a 32-bit iterator.

The iterator must stop once the last address in the requested range has been processed. Advancing it once more can move the traversal state past the end of the request, so a later retry may continue from an unintended position.

Handle the iterator increment explicitly at the end of the loop and stop once the upper bound has been processed. This keeps the existing retry behaviour intact for valid ranges while preventing traversal from continuing past the original boundary.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2026-52921"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-24T08:16:22Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ipset: stop hash:* range iteration at end\n\nThe following hash set variants:\n\nhash:ip,mark\nhash:ip,port\nhash:ip,port,ip\nhash:ip,port,net\n\niterate IPv4 ranges with a 32-bit iterator.\n\nThe iterator must stop once the last address in the requested range has\nbeen processed. Advancing it once more can move the traversal state past\nthe end of the request, so a later retry may continue from an unintended\nposition.\n\nHandle the iterator increment explicitly at the end of the loop and stop\nonce the upper bound has been processed. This keeps the existing retry\nbehaviour intact for valid ranges while preventing traversal from\ncontinuing past the original boundary.",
  "id": "GHSA-3v47-mwg3-xvq2",
  "modified": "2026-06-24T09:30:48Z",
  "published": "2026-06-24T09:30:48Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-52921"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/02f75f041a93ea045834da89cd3234f4c1d749b4"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/0b530efb2cc9dbdddfd49d392e3a857f0d4ce8dc"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/0d3a282ab5f165fc207ff49ea5b6ad8f54616bd6"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/0d7b33ace701fe397e6e4de145f32e098178d901"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/383418c20e69f5761b6ec5238f599423f4fb77fb"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/952e988163c2ab9939c3db9f0f8e77af6a1bb436"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/be75218fadea22e59c8673db212f29c681bf45bb"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c281e018af98df91827d65bec00f4956c00a1b02"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

MSRC_CVE-2026-52921

Vulnerability from csaf_microsoft - Published: 2026-06-02 00:00 - Updated: 2026-06-28 01:57

Summary

netfilter: ipset: stop hash:* range iteration at end

Notes

Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle

Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

CVE-2026-52921

Affected products

Fixed 1 product

Product	Identifier	Version	Remediation
Unresolved product id: 21443-17084		—

Known affected 1 product

Product	Identifier	Version	Remediation
Unresolved product id: 17084-1		—	Vendor Fix fix

References

4 references

URL	Category
https://msrc.microsoft.com/csaf/vex/2026/msrc_cve…	self
https://support.microsoft.com/lifecycle	external
https://www.first.org/cvss	external
https://msrc.microsoft.com/csaf/vex/2026/msrc_cve…	self

JSON

To clipboard

{
  "document": {
    "category": "csaf_vex",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Public",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
        "title": "Disclaimer"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "secure@microsoft.com",
      "name": "Microsoft Security Response Center",
      "namespace": "https://msrc.microsoft.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "CVE-2026-52921 netfilter: ipset: stop hash:* range iteration at end - VEX",
        "url": "https://msrc.microsoft.com/csaf/vex/2026/msrc_cve-2026-52921.json"
      },
      {
        "category": "external",
        "summary": "Microsoft Support Lifecycle",
        "url": "https://support.microsoft.com/lifecycle"
      },
      {
        "category": "external",
        "summary": "Common Vulnerability Scoring System",
        "url": "https://www.first.org/cvss"
      }
    ],
    "title": "netfilter: ipset: stop hash:* range iteration at end",
    "tracking": {
      "current_release_date": "2026-06-28T01:57:14.000Z",
      "generator": {
        "date": "2026-06-28T07:10:57.308Z",
        "engine": {
          "name": "MSRC Generator",
          "version": "1.0"
        }
      },
      "id": "msrc_CVE-2026-52921",
      "initial_release_date": "2026-06-02T00:00:00.000Z",
      "revision_history": [
        {
          "date": "2026-06-27T01:05:32.000Z",
          "legacy_version": "1",
          "number": "1",
          "summary": "Information published."
        },
        {
          "date": "2026-06-28T01:57:14.000Z",
          "legacy_version": "2",
          "number": "2",
          "summary": "Information published."
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "3.0",
                "product": {
                  "name": "Azure Linux 3.0",
                  "product_id": "17084"
                }
              }
            ],
            "category": "product_name",
            "name": "Azure Linux"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003cazl3 kernel 0:6.6.141.1-1.azl3",
                "product": {
                  "name": "\u003cazl3 kernel 0:6.6.141.1-1.azl3",
                  "product_id": "1"
                }
              },
              {
                "category": "product_version",
                "name": "azl3 kernel 0:6.6.141.1-1.azl3",
                "product": {
                  "name": "azl3 kernel 0:6.6.141.1-1.azl3",
                  "product_id": "21443"
                }
              }
            ],
            "category": "product_name",
            "name": "kernel"
          }
        ],
        "category": "vendor",
        "name": "Microsoft"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "\u003cazl3 kernel 0:6.6.141.1-1.azl3 as a component of Azure Linux 3.0",
          "product_id": "17084-1"
        },
        "product_reference": "1",
        "relates_to_product_reference": "17084"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "azl3 kernel 0:6.6.141.1-1.azl3 as a component of Azure Linux 3.0",
          "product_id": "21443-17084"
        },
        "product_reference": "21443",
        "relates_to_product_reference": "17084"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-52921",
      "notes": [
        {
          "category": "general",
          "text": "Linux",
          "title": "Assigning CNA"
        }
      ],
      "product_status": {
        "fixed": [
          "21443-17084"
        ],
        "known_affected": [
          "17084-1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-52921 netfilter: ipset: stop hash:* range iteration at end - VEX",
          "url": "https://msrc.microsoft.com/csaf/vex/2026/msrc_cve-2026-52921.json"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-27T01:05:32.000Z",
          "details": "0:6.6.143.1-1.azl3:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
          "product_ids": [
            "17084-1"
          ],
          "url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
        }
      ],
      "title": "netfilter: ipset: stop hash:* range iteration at end"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2026-52921 (GCVE-0-2026-52921)

CERTFR-2026-AVI-0812

Solutions

GHSA-3V47-MWG3-XVQ2

MSRC_CVE-2026-52921

Tags

Sightings

Nomenclature