Linux Netfilter OOB write LPE — exploitable from unprivileged containers with NET_ADMIN capability. Apply kernel patches. Restrict CAP_NET_ADMIN capability in container security contexts. This is a recurring vulnerability class in Linux packet filtering.
An out-of-bounds write flaw was found in the Linux kernel net filter subsystem allowing user-space code with CAP_NET_ADMIN to achieve local privilege escalation.
Supernova subscribers receive AI-triaged CVE alerts the moment they're published — before the PoC drops.
Start Supernova — $99/mo →