CVE-2026-53001
Published Jun 24, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: restrict several matches to inet family This is a partial revert of: commit ab4f21e6fb1c ("netfilter: xtables: use NFPROTO_UNSPEC in more extensions") to allow ipv4 and ipv6 only. - xt_mac - xt_owner - xt_physdev These extensions are not used by ebtables in userspace. Moreover, xt_realm is only for ipv4, since dst->tclassid is ipv4 specific.
EPSS — Exploit Prediction
0.0018
Probability of exploitation
0.07%
Percentile rank
EPSS estimates the probability that this vulnerability will be exploited in the wild within the next 30 days. A higher score means more likely to be exploited.
References
Other References
https://git.kernel.org/stable/c/14203f9edf944b3fb63faadd62f38452421ecdfc
https://git.kernel.org/stable/c/689a91ff18d6448d94c1ab7c076fecdb2b668bef
https://git.kernel.org/stable/c/76160e04440c9698b989dbd9492a7ec4f520c9ee
https://git.kernel.org/stable/c/7eaf9c740f33230cb224dc265f3c69f8531ff57b
https://git.kernel.org/stable/c/9a109751b297b0f2135495749ef5a18ba31ec7d4
https://git.kernel.org/stable/c/b6fe26f86a1649f84e057f3f15605b08eda15497
https://git.kernel.org/stable/c/cbeb259f31382de70a70a59ffd0e66f5e80d9818
https://git.kernel.org/stable/c/fa88161ef56e29bdaa05cc89dbc4ee221e94bfe9
Frequently Asked Questions
What is CVE-2026-53001? +
In the Linux kernel, the following vulnerability has been resolved:
netfilter: xtables: restrict several matches to inet family
This is a partial revert of:
commit ab4f21e6fb1c ("netfilter: xtables: use NFPROTO_UNSPEC in more extensions")
to allow ipv4 and ipv6 only.
- xt_mac
- xt_owner
- xt_physdev
These extensions are not used by ebtables in userspace.
Moreover, xt_realm is only for ipv4, since dst->tclassid is ipv4
specific.
How do I check if I'm vulnerable to CVE-2026-53001? +
You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.