CVE Catalog

CVE-2026-53268

HighCVSS 8.2
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.36%

28th percentile — higher than 28% of all known CVEs

Summary

In the Linux kernel, the netfilter conntrack_irc module has a vulnerability that allows an out-of-bounds read. The issue occurs when parsing fails after matching a command string, and the system attempts to match a different command instead of bailing out.

Risk Assessment

The risk involves potential leakage of sensitive data or system crashes due to reading beyond the allocated memory. An attacker could exploit this by sending crafted IRC traffic.

Recommendation

Immediately update the Linux kernel to a patched version. Given the deprecation of IRC in modern environments, consider disabling the conntrack_irc module if not in use.

Original NVD description (English source)

In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack_irc: fix possible out-of-bounds read When parsing fails after we've matched the command string we should bail out instead of trying to match a different command. This helper should be deprecated, given prevalence of TLS I doubt it has any relevance in 2026.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS