The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

  - netfilter: nf_tables: fix use-after-free in nf_tables_addchain() nf_tables_addchain() publishes the chain     to table->chains via list_add_tail_rcu() (in nft_chain_add()) before registering hooks. If     nf_tables_register_hook() then fails, the error path calls nft_chain_del() (list_del_rcu()) followed by     nf_tables_chain_destroy() with no RCU grace period in between. This creates two use-after-free conditions:
    1) Control-plane: nf_tables_dump_chains() traverses table->chains under rcu_read_lock(). A concurrent dump     can still be walking the chain when the error path frees it. 2) Packet path: for NFPROTO_INET,     nf_register_net_hook() briefly installs the IPv4 hook before IPv6 registration fails. Packets entering     nft_do_chain() via the transient IPv4 hook can still be dereferencing chain->blob_gen_X when the error     path frees the chain. Add synchronize_rcu() between nft_chain_del() and the chain destroy so that all RCU     readers -- both dump threads and in-flight packet evaluation -- have finished before the chain is freed.
    (CVE-2026-23231)

Note that Nessus relies on the presence of the package as reported by the vendor.

Detections

Analytics

Linux Distros Unpatched Vulnerability : CVE-2026-23231

high Nessus Plugin ID 301036

Version 1.8

Version 1.7

Version 1.6

Version 1.5

Version 1.4

Version 1.3

Version 1.2

Version 1.1

Version 1.8 Mar 31, 2026, 10:50 AM CVSS metrics ("CVSSv2 score" set to 6.8) CVSS metrics ("CVSSv2 vector" set to "CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C") CVSSv2 severity (based on CVE-2026-23231, severity decreased from "High" to "Medium") Plugin Feed: 202603311050
Version 1.7 Mar 31, 2026, 4:03 AM CVSS metrics ("CVSSv2 score" set to 7.2) CVSS metrics ("CVSSv2 vector" set to "CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C") CVSSv2 severity (based on CVE-2026-23231, severity increased from "Medium" to "High") Detection (updated detection logic) Plugin metadata Plugin Feed: 202603310403
Version 1.6 Mar 19, 2026, 12:10 PM CVSS metrics ("CVSSv2 score" set to 6.8) CVSS metrics ("CVSSv2 vector" set to "CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C") CVSSv2 severity (based on CVE-2026-23231, severity decreased from "High" to "Medium") Plugin Feed: 202603191210
Version 1.5 Mar 18, 2026, 7:26 PM CVSS metrics ("CVSSv3 score" set to 7.8) CVSS metrics ("CVSSv3 vector" set to "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H") Detection (updated detection logic) Plugin Feed: 202603181926
Version 1.4 Mar 17, 2026, 4:16 PM CVSS metrics ("CVSSv3 score" set to 7.1) CVSS metrics ("CVSSv3 vector" set to "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H") Detection (updated detection logic) Plugin metadata Plugin Feed: 202603171616
Version 1.3 Mar 10, 2026, 1:56 AM Detection (updated detection logic) Plugin metadata Plugin Feed: 202603100156
Version 1.2 Mar 7, 2026, 12:24 AM CVSS metrics ("CVSSv2 score" set to 7.2) CVSS metrics ("CVSSv2 vector" set to "CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C") CVSSv2 severity (based on CVE-2026-23231, severity increased from "Medium" to "High") Detection (updated detection logic) Plugin metadata Plugin Feed: 202603070024
Version 1.1 Mar 6, 2026, 1:46 PM New Plugin Feed: 202603061346