U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. Vulnerabilities

CVE-2026-53002 Detail

Description

In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: remove sprintf usage Replace it with scnprintf, the buffer sizes are expected to be large enough to hold the result, no need for snprintf+overflow check. Increase buffer size in mangle_content_len() while at it. BUG: KASAN: stack-out-of-bounds in vsnprintf+0xea5/0x1270 Write of size 1 at addr [..] vsnprintf+0xea5/0x1270 sprintf+0xb1/0xe0 mangle_content_len+0x1ac/0x280 nf_nat_sdp_session+0x1cc/0x240 process_sdp+0x8f8/0xb80 process_invite_request+0x108/0x2b0 process_sip_msg+0x5da/0xf50 sip_help_tcp+0x45e/0x780 nf_confirm+0x34d/0x990 [..]


Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.
CVSS 4.0 Severity and Vector Strings:

NIST CVSS score
NIST: NVD
N/A
NVD assessment not yet provided.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

URL Source(s) Tag(s)
https://git.kernel.org/stable/c/1c9fb8aeed06790d42cdcd00f6c3ce0b9e926c1e kernel.org
https://git.kernel.org/stable/c/2f793ba78470a99f40389b7dc60a81d9f5ad3956 kernel.org
https://git.kernel.org/stable/c/6bbf829b4c1b44c941c47dd0d710f1393258f3d5 kernel.org
https://git.kernel.org/stable/c/6e7066bdb481a87fe88c4fa563e348c03b2d373d kernel.org
https://git.kernel.org/stable/c/8e3be0d12615a173fe260cd42753ca7a001acbf2 kernel.org
https://git.kernel.org/stable/c/a8e0a32a23d3f34862af3b4da792ecb3a891a9a3 kernel.org
https://git.kernel.org/stable/c/ab64e61c9323fa6de21bd20da1ddb29a0fb65d34 kernel.org
https://git.kernel.org/stable/c/c08ff52e44945e6ef4ce0790f49ea761b060c45b kernel.org

Weakness Enumeration

CWE-ID CWE Name Source

Change History

1 change records found show changes

Quick Info

CVE Dictionary Entry:
CVE-2026-53002
NVD Published Date:
06/24/2026
NVD Last Modified:
06/24/2026
Source:
kernel.org