libnftnl has Heap-based Buffer Overflow in nftnl::Batch::with_page_size (nftnl-rs)
A heap-buffer-overflow vulnerability exists in the Rust wrapper for libnftnl, triggered via the nftnl::Batch::with_page_size constructor. When a small or malformed page size is provided, the underlying C code allocates an insufficient buffer, leading to out-of-bounds writes during batch initialization. The flaw was fixed in commit 94a286f by adding an overflow check: batch_page_size .checked_add(crate::nft_nlmsg_maxsize()) .expect("batch_page_size is too large and would overflow");