CVE-2026-45901 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nf_tables: revert commit_mutex usage in reset path

It causes circular lock dependency between commit_mutex, nfnl_subsys_ipset
and nlk_cb_mutex when nft reset, ipset list, and iptables-nft with '-m set'
rule run at the same time.

Previous patches made it safe to run individual reset handlers concurrently
so commit_mutex is no longer required to prevent this.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Linux

unaffected

Version	Status	Constraints
`3cb03edb4de33fd04c4ea55f47397b96a8657c53`	affected	< ee3978b6a0dcd4215cb7cedcba705a12174786a7
`3cb03edb4de33fd04c4ea55f47397b96a8657c53`	affected	< 7f261bb906bf527c4a6e2a646e2d5f3679f2a8bc
`fb1adb05ea87b6149e65a31e511756c4f470d0cd`	affected	—
`f123293db16dcd0cd81b246ae60e6362f0025d0a`	affected	—
`6.1.107`	affected	< 6.2
`6.6.48`	affected	< 6.7

Linux

affected

Version	Status	Constraints
`6.7`	affected	—
`0`	unaffected	< 6.7
`6.19.4`	unaffected	≤ 6.19.*
`7.0`	unaffected	≤ *

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

No data.

Project Subscriptions

Vendors	Products
Linux Subscribe	Linux Kernel Subscribe

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://git.kernel.org/stable/c/7f261bb906bf527c4a6e2a646e2d5f3679f2a8bc
https://git.kernel.org/stable/c/ee3978b6a0dcd4215cb7cedcba705a12174786a7

History

Wed, 27 May 2026 17:00:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-771

Wed, 27 May 2026 14:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: revert commit_mutex usage in reset path It causes circular lock dependency between commit_mutex, nfnl_subsys_ipset and nlk_cb_mutex when nft reset, ipset list, and iptables-nft with '-m set' rule run at the same time. Previous patches made it safe to run individual reset handlers concurrently so commit_mutex is no longer required to prevent this.
Title		netfilter: nf_tables: revert commit_mutex usage in reset path
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/7f261bb906bf527c4a6e2a646e2d5f3679f2a8bc https://git.kernel.org/stable/c/ee3978b6a0dcd4215cb7cedcba705a12174786a7

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-05-27T12:17:09.861Z

Updated: 2026-05-27T12:17:09.861Z

Reserved: 2026-05-13T15:03:33.084Z

Link: CVE-2026-45901

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2026-05-27T14:17:04.483

Modified: 2026-05-27T14:48:31.480

Link: CVE-2026-45901

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-27T16:45:38Z

Weaknesses

CWE-771

Project Subscriptions

Projects

JSON object

JSON object

JSON object

JSON object

JSON object