CVE-2025-71146
Unknown
Unknown - Not Provided
BaseFortify
Vulnerability report for CVE-2025-71146, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.
Publication date: 2026-01-23
Last updated on: 2026-02-26
Assigner: kernel.org
Description
Description
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_conncount: fix leaked ct in error paths
There are some situations where ct might be leaked as error paths are
skipping the refcounted check and return immediately. In order to solve
it make sure that the check is always called.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | 6.19 |
| linux | linux_kernel | From 6.17.13 (inc) to 6.18 (exc) |
| linux | linux_kernel | 6.12.63 |
| linux | linux_kernel | 6.18.2 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-401 | The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse. |