Impact
A race condition in the nf_tables occurs during the commit phase when new hooks are linked into the hook list via splice_list_rcu(). The improper synchronization can cause the hook list to become inconsistent. When Netlink processes traverse the list, this inconsistency may cause the kernel to become unstable or terminate unexpectedly. The core weakness is a race condition that can lead to kernel crash or perceived lock corruption (CWE-821).
Affected Systems
All Linux kernel builds that include the nf_tables component are potentially affected. The advisory references the generic Linux kernel family without specifying exact version ranges; thus any kernel that contains nf_tables and does not include the patch commit that resolves the splice_list_rcu race condition is at risk.
Risk and Exploitability
The CVE-2026-52988 is 7.1, indicating high severity, while the EPSS score is less than 1%, pointing to a very low exploitation probability. The vulnerability is not listed in the CISA KEV catalog, and no public exploit is known. Based on the description, it is inferred that an attacker would need to perform concurrent ruleset updates during the nf_tables commit phase, which typically requires local privileged access. The likely attack vector is therefore local, privileged. Exploitation could lead the kernel to crash, resulting in denial of service.
OpenCVE Enrichment