Impact
A race condition in the Linux kernel’s netfilter nf_tables module allows concurrent hook list updates during the commit phase to intermix incorrectly through splice_list_rcu. This improper synchronization can corrupt the hook list that is used for netlink dump traversal, potentially leading to kernel instability or crashes when netlink requests are processed. The vulnerability is a synchronization flaw that can result in a denial of service but does not provide an escalation path for arbitrary code execution.
Affected Systems
All Linux kernel releases that include the nf_tables component are affected. The entry lists the generic Linux kernel family without specific version constraints, indicating that the flaw was present across all kernel versions prior to the commit referenced in the advisory. Administrators should verify whether their current kernel build incorporates the identified patch commit.
Risk and Exploitability
The advisory does not publish a CVSS score or EPSS value, so the risk cannot be quantified. The flaw requires the attacker to execute or influence kernel code during the nf_tables commit phase, implying a local or privileged attack vector. Because the issue directly impacts the kernel’s core networking functionality, exploitation would likely destabilize the system rather than provide direct privilege escalation. The vulnerability is not listed in the CISA KEV catalog, and no publicly available exploit is documented.