{
  "affected": [
    {
      "ranges": [
        {
          "events": [
            {
              "introduced": "ab4f21e6fb1c09b13c4c3cb8357babe8223471bd"
            },
            {
              "fixed": "14203f9edf944b3fb63faadd62f38452421ecdfc"
            },
            {
              "fixed": "7eaf9c740f33230cb224dc265f3c69f8531ff57b"
            },
            {
              "fixed": "9a109751b297b0f2135495749ef5a18ba31ec7d4"
            },
            {
              "fixed": "cbeb259f31382de70a70a59ffd0e66f5e80d9818"
            },
            {
              "fixed": "689a91ff18d6448d94c1ab7c076fecdb2b668bef"
            },
            {
              "fixed": "76160e04440c9698b989dbd9492a7ec4f520c9ee"
            },
            {
              "fixed": "fa88161ef56e29bdaa05cc89dbc4ee221e94bfe9"
            },
            {
              "fixed": "b6fe26f86a1649f84e057f3f15605b08eda15497"
            }
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "type": "GIT"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Linux",
        "name": "Kernel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.6.28"
            },
            {
              "fixed": "5.10.258"
            }
          ],
          "type": "ECOSYSTEM"
        },
        {
          "events": [
            {
              "introduced": "5.11.0"
            },
            {
              "fixed": "5.15.209"
            }
          ],
          "type": "ECOSYSTEM"
        },
        {
          "events": [
            {
              "introduced": "5.16.0"
            },
            {
              "fixed": "6.1.175"
            }
          ],
          "type": "ECOSYSTEM"
        },
        {
          "events": [
            {
              "introduced": "6.2.0"
            },
            {
              "fixed": "6.6.141"
            }
          ],
          "type": "ECOSYSTEM"
        },
        {
          "events": [
            {
              "introduced": "6.7.0"
            },
            {
              "fixed": "6.12.91"
            }
          ],
          "type": "ECOSYSTEM"
        },
        {
          "events": [
            {
              "introduced": "6.13.0"
            },
            {
              "fixed": "6.18.33"
            }
          ],
          "type": "ECOSYSTEM"
        },
        {
          "events": [
            {
              "introduced": "6.19.0"
            },
            {
              "fixed": "7.0.10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "database_specific": {
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/53xxx/CVE-2026-53001.json"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: xtables: restrict several matches to inet family\n\nThis is a partial revert of:\n\n  commit ab4f21e6fb1c (\"netfilter: xtables: use NFPROTO_UNSPEC in more extensions\")\n\nto allow ipv4 and ipv6 only.\n\n- xt_mac\n- xt_owner\n- xt_physdev\n\nThese extensions are not used by ebtables in userspace.\n\nMoreover, xt_realm is only for ipv4, since dst-\u003etclassid is ipv4\nspecific.",
  "id": "CVE-2026-53001",
  "modified": "2026-07-12T03:55:00.095354733Z",
  "published": "2026-06-24T16:29:13.513Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/14203f9edf944b3fb63faadd62f38452421ecdfc"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/689a91ff18d6448d94c1ab7c076fecdb2b668bef"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/76160e04440c9698b989dbd9492a7ec4f520c9ee"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/7eaf9c740f33230cb224dc265f3c69f8531ff57b"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/9a109751b297b0f2135495749ef5a18ba31ec7d4"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b6fe26f86a1649f84e057f3f15605b08eda15497"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/cbeb259f31382de70a70a59ffd0e66f5e80d9818"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/fa88161ef56e29bdaa05cc89dbc4ee221e94bfe9"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/53xxx/CVE-2026-53001.json"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-53001"
    },
    {
      "type": "PACKAGE",
      "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"
    }
  ],
  "schema_version": "1.7.5",
  "summary": "netfilter: xtables: restrict several matches to inet family"
}