{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-71146", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-01-13T15:30:19.661Z", "datePublished": "2026-01-23T14:15:12.998Z", "dateUpdated": "2026-01-23T14:15:12.998Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-01-23T14:15:12.998Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_conncount: fix leaked ct in error paths\n\nThere are some situations where ct might be leaked as error paths are\nskipping the refcounted check and return immediately. In order to solve\nit make sure that the check is always called."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/netfilter/nf_conncount.c"], "versions": [{"version": "6e86f0eca857ee42787e30e9ec0b726aebfcae0a", "lessThan": "08fa37f4c8c59c294e9c18fea2d083ee94074e5a", "status": "affected", "versionType": "git"}, {"version": "b160895d6bc9690459b16ef87799c9bd456af3ec", "lessThan": "e1ac8dce3a893641bef224ad057932f142b8a36f", "status": "affected", "versionType": "git"}, {"version": "8d5a2c94c24dcc226863a7c2b5034750370c2189", "lessThan": "f381a33f34dda9e4023e38ba68c943bca83245e9", "status": "affected", "versionType": "git"}, {"version": "da9f247fb5efcd5a2730cdc989291b383c439e10", "lessThan": "325eb61bb30790ea27782203a17b007ce1754a67", "status": "affected", "versionType": "git"}, {"version": "3558faee8aace3541189c3a2ca45c7e85e144b44", "lessThan": "0b88be7211d21a0d68bb1e56dc805944e3654d6f", "status": "affected", "versionType": "git"}, {"version": "f6904ed15ed1a188543057e3cb0d02daa80edfc9", "lessThan": "4bd2b89f4028f250dd1c1625eb3da1979b04a5e8", "status": "affected", "versionType": "git"}, {"version": "be102eb6a0e7c03db00e50540622f4e43b2d2844", "lessThan": "2e2a720766886190a6d35c116794693aabd332b6", "status": "affected", "versionType": "git"}, {"version": "8c2da7330214ce30f8333d1799a27ed0a9418f07", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/netfilter/nf_conncount.c"], "versions": [{"version": "6.19-rc1", "status": "affected"}, {"version": "0", "lessThan": "6.19-rc1", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.64", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.3", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.19-rc2", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.12.63", "versionEndExcluding": "6.12.64"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.18.2", "versionEndExcluding": "6.18.3"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.19-rc1", "versionEndExcluding": "6.19-rc2"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.17.13"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/08fa37f4c8c59c294e9c18fea2d083ee94074e5a"}, {"url": "https://git.kernel.org/stable/c/e1ac8dce3a893641bef224ad057932f142b8a36f"}, {"url": "https://git.kernel.org/stable/c/f381a33f34dda9e4023e38ba68c943bca83245e9"}, {"url": "https://git.kernel.org/stable/c/325eb61bb30790ea27782203a17b007ce1754a67"}, {"url": "https://git.kernel.org/stable/c/0b88be7211d21a0d68bb1e56dc805944e3654d6f"}, {"url": "https://git.kernel.org/stable/c/4bd2b89f4028f250dd1c1625eb3da1979b04a5e8"}, {"url": "https://git.kernel.org/stable/c/2e2a720766886190a6d35c116794693aabd332b6"}], "title": "netfilter: nf_conncount: fix leaked ct in error paths", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_conncount: fix leaked ct in error paths\n\nThere are some situations where ct might be leaked as error paths are\nskipping the refcounted check and return immediately. In order to solve\nit make sure that the check is always called."}], "id": "CVE-2025-71146", "lastModified": "2026-01-23T15:16:05.230", "metrics": {}, "published": "2026-01-23T15:16:05.230", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/08fa37f4c8c59c294e9c18fea2d083ee94074e5a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/0b88be7211d21a0d68bb1e56dc805944e3654d6f"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/2e2a720766886190a6d35c116794693aabd332b6"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/325eb61bb30790ea27782203a17b007ce1754a67"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/4bd2b89f4028f250dd1c1625eb3da1979b04a5e8"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/e1ac8dce3a893641bef224ad057932f142b8a36f"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/f381a33f34dda9e4023e38ba68c943bca83245e9"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Received"}

{}

{}