CVE-2026-45860

설명

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conncount: increase the connection clean up limit to 64 After the optimization to only perform one GC per jiffy, a new problem was introduced. If more than 8 new connections are tracked per jiffy the list won't be cleaned up fast enough possibly reaching the limit wrongly. In order to prevent this issue, only skip the GC if it was already triggered during the same jiffy and the increment is lower than the clean up limit. In addition, increase the clean up limit to 64 connections to avoid triggering GC too ofte...

영향 제품·버전

공급사 Linux

제품 Linux, linux kernel

영향 버전 f106694733c66a48740c25bc4e212e9b2ea364ce, be69850b461e7b491d87a22e33ab76fdd04b725e, d265929930e2ffafc744c0ae05fb70acd53be1ee, 5.10.248, 5.15.198, 5.19, >= 5.10.248 < 5.10.252, >= 5.15.198 < 5.15.202, >= 5.19 < 6.1.165, >= 6.2 < 6.6.128, >= 6.7 < 6.12.75, >= 6.13 < 6.18.14, >= 6.19 < 6.19.4

수정 버전 5.10.252, 5.15.202, 6.1.165, 6.6.128, 6.12.75, 6.18.14, 6.19.4

조치 방법

• 공급사가 제공한 최신 보안 업데이트 적용
• 자사 보유 제품과 영향 버전의 일치 여부 확인
• 외부 노출 서비스와 비정상 인증·접속 로그 점검
• 패치가 어려우면 공급사 완화조치와 접근통제 적용

기술 정보

CVSS 벡터 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE 미등록

EPSS 데이터 기준일 2026.06.27