CVE-2026-43916 – pam_authnft: Heap buffer overflow in NETLINK_SOCK_DIAG reply walker

CVE ID :CVE-2026-43916

Published : May 12, 2026, 2:17 p.m. | 41 minutes ago

Description :pam_authnft is a PAM session module binding nftables firewall rules to authenticated sessions via cgroupv2 inodes. Prior to 0.2.0-alpha, a heap buffer over-read in peer_lookup_tcp (src/peer_lookup.c:134, prior to the fix) allowed a crafted NETLINK_SOCK_DIAG reply to slip past the message-size check, then dereference past the end of the allocation. This vulnerability is fixed in 0.2.0-alpha.

Severity: 8.7 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…