CVE-2026-53268
Received - Intake
Out-of-Bounds Read in Linux Kernel Netfilter Conntrack IRC

Publication date: 2026-06-25

Last updated on: 2026-06-25

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved:

netfilter: conntrack_irc: fix possible out-of-bounds read

When parsing fails after we've matched the command string we should bail out instead of trying to match a different command.

This helper should be deprecated, given prevalence of TLS I doubt it has any relevance in 2026.
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
linux_kernel netfilter conntrack_irc
linux_kernel netfilter_conntrack_irc *
CWE ID Description
CWE-UNKNOWN
Executive Summary

This vulnerability exists in the Linux kernel's netfilter component, specifically in the conntrack_irc helper. It is a possible out-of-bounds read that occurs while parsing IRC commands: when parsing failed after the command string had already been matched, the helper went on to try matching a different command instead of bailing out, which can lead to reading memory outside the intended bounds.

The vulnerability has been fixed by making the parser bail out when parsing fails after a command string has been matched.

Additionally, the fix description suggests deprecating the conntrack_irc helper, since the prevalence of TLS reduces its relevance.

Impact Analysis

An out-of-bounds read vulnerability can potentially lead to information disclosure or cause a denial of service by crashing the system. In this case, the vulnerability in the conntrack_irc helper could allow an attacker to exploit the Linux kernel's netfilter component to read memory beyond intended limits.

However, since this helper is related to IRC protocol tracking and is suggested to be deprecated due to the prevalence of TLS, the practical impact might be limited in modern environments.
