{"id":"CVE-2026-52970","summary":"netfilter: nft_ct: fix missing expect put in obj eval","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_ct: fix missing expect put in obj eval\n\nnft_ct_expect_obj_eval() allocates an expectation and may call\nnf_ct_expect_related(), but never drops its local reference.\n\nAdd nf_ct_expect_put(exp) before return to balance allocation.","modified":"2026-07-12T03:54:57.783565634Z","published":"2026-06-24T16:28:48.882Z","database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/52xxx/CVE-2026-52970.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/19f94b6fee75b3ef7fbc06f3745b9a771a8a19a4"},{"type":"WEB","url":"https://git.kernel.org/stable/c/1dced0725e2fae3ac3416274db20a7ff5a46931d"},{"type":"WEB","url":"https://git.kernel.org/stable/c/26ab32ec73941871c97562ee1f39587950dc3b68"},{"type":"WEB","url":"https://git.kernel.org/stable/c/2aef1b13d5c0285f340512c6c07eb858fd018fd8"},{"type":"WEB","url":"https://git.kernel.org/stable/c/7b96242ceedfe249f158419f3254bcee04173ffe"},{"type":"WEB","url":"https://git.kernel.org/stable/c/84c422cea5a45fe56be839f25880f21fd33940cd"},{"type":"WEB","url":"https://git.kernel.org/stable/c/cdb9a25dd3416d427e8b2753210f8baf44207577"},{"type":"WEB","url":"https://git.kernel.org/stable/c/ecca618e1e339494911090474ed87742c0f73976"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/52xxx/CVE-2026-52970.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-52970"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"857b46027d6f91150797295752581b7155b9d0e1"},{"fixed":"cdb9a25dd3416d427e8b2753210f8baf44207577"},{"fixed":"26ab32ec73941871c97562ee1f39587950dc3b68"},{"fixed":"7b96242ceedfe249f158419f3254bcee04173ffe"},{"fixed":"ecca618e1e339494911090474ed87742c0f73976"},{"fixed":"2aef1b13d5c0285f340512c6c07eb858fd018fd8"},{"fixed":"1dced0725e2fae3ac3416274db20a7ff5a46931d"},{"fixed":"84c422cea5a45fe56be839f25880f21fd33940cd"},{"fixed":"19f94b6fee75b3ef7fbc06f3745b9a771a8a19a4"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-52970.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"5.3.0"},{"fixed":"5.10.258"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.11.0"},{"fixed":"5.15.209"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"6.1.175"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.6.141"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.7.0"},{"fixed":"6.12.91"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.13.0"},{"fixed":"6.18.33"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.19.0"},{"fixed":"7.0.10"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-52970.json"}}],"schema_version":"1.7.5"}