Lucene search
LinuxCVELIST:CVE-2024-26642HistoryMar 21, 2024 - 10:43 a.m.
CVE-2024-26642 netfilter: nf_tables: disallow anonymous set with timeout flag
2024-03-2110:43:43
Linux
www.cve.org
linux kernel
netfilter
nf_tables
anonymous sets
timeout flag
nft_set_eval
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_tables: disallow anonymous set with timeout flag
Anonymous sets are never used with timeout from userspace, reject this.
Exception to this rule is NFT_SET_EVAL to ensure legacy meters still work.
CNA Affected
[
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "unaffected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"net/netfilter/nf_tables_api.c"
],
"versions": [
{
"version": "761da2935d6e",
"lessThan": "e4988d8415bd",
"status": "affected",
"versionType": "git"
},
{
"version": "761da2935d6e",
"lessThan": "e9a0d3f376eb",
"status": "affected",
"versionType": "git"
},
{
"version": "761da2935d6e",
"lessThan": "fe40ffbca19d",
"status": "affected",
"versionType": "git"
},
{
"version": "761da2935d6e",
"lessThan": "7cdc1be24cc1",
"status": "affected",
"versionType": "git"
},
{
"version": "761da2935d6e",
"lessThan": "72c1efe3f247",
"status": "affected",
"versionType": "git"
},
{
"version": "761da2935d6e",
"lessThan": "c0c2176d1814",
"status": "affected",
"versionType": "git"
},
{
"version": "761da2935d6e",
"lessThan": "8e07c1669558",
"status": "affected",
"versionType": "git"
},
{
"version": "761da2935d6e",
"lessThan": "16603605b667",
"status": "affected",
"versionType": "git"
}
]
},
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "affected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"net/netfilter/nf_tables_api.c"
],
"versions": [
{
"version": "4.1",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.1",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "4.19.312",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.4.274",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.10.215",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "5.15.154",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.1.84",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.24",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.12",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
]
}
]References
git.kernel.org/stable/c/16603605b667b70da974bea8216c93e7db043bf1
git.kernel.org/stable/c/72c1efe3f247a581667b7d368fff3bd9a03cd57a
git.kernel.org/stable/c/7cdc1be24cc1bcd56a3e89ac4aef20e31ad09199
git.kernel.org/stable/c/8e07c16695583a66e81f67ce4c46e94dece47ba7
git.kernel.org/stable/c/c0c2176d1814b92ea4c8e7eb7c9cd94cd99c1b12
git.kernel.org/stable/c/e4988d8415bd0294d6f9f4a1e7095f8b50a97ca9
git.kernel.org/stable/c/e9a0d3f376eb356d54ffce36e7cc37514cbfbd6f
git.kernel.org/stable/c/fe40ffbca19dc70d7c6b1e3c77b9ccb404c57351
lists.debian.org/debian-lts-announce/2024/06/msg00017.html
Related
redhatcve
redhatcve
CVE-2024-26642
2024-03-21 23:03:58
ubuntucve
ubuntucve
CVE-2024-26642
2024-03-21 00:00:00
debiancve
debiancve
CVE-2024-26642
2024-03-21 11:15:28
nvd
nvd
CVE-2024-26642
2024-03-21 11:15:28
cve
cve
CVE-2024-26642
2024-03-21 11:15:28
oraclelinux
oraclelinux
kernel security and bug fix update
2024-05-23 00:00:00
kernel update
2024-06-05 00:00:00
nessus
nessus
Oracle Linux 9 : kernel (ELSA-2024-3306)
2024-05-25 00:00:00
RHEL 9 : kernel (RHSA-2024:3306)
2024-05-23 00:00:00
RHEL 9 : kernel (RHSA-2024:3461)
2024-05-29 00:00:00
redhat
redhat
(RHSA-2024:3306) Moderate: kernel security and bug fix update
2024-05-23 05:51:19
(RHSA-2024:3461) Moderate: kernel security and bug fix update
2024-05-29 07:38:15
(RHSA-2024:3460) Moderate: kernel-rt security and bug fix update
2024-05-29 07:38:15
photon
photon
Important Photon OS Security Update - PHSA-2024-5.0-0245
2024-04-12 00:00:00
Important Photon OS Security Update - PHSA-2024-3.0-0747
2024-04-08 00:00:00
Important Photon OS Security Update - PHSA-2024-4.0-0591
2024-04-11 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2024-0141)
2024-04-23 00:00:00
Mageia: Security Advisory (MGASA-2024-0142)
2024-04-23 00:00:00
Debian: Security Advisory (DSA-5658-1)
2024-04-15 00:00:00
mageia
mageia
Updated kernel, kmod-xtables-addons, kmod-virtualbox packages fix security vulnerabilities
2024-04-23 04:20:56
Updated kernel-linus packages fix security vulnerabilities
2024-04-23 04:20:56
osv
osv
linux - security update
2024-04-13 00:00:00
Moderate: kernel-rt security and bug fix update
2024-06-14 13:59:36
Moderate: kernel-rt security and bug fix update
2024-06-05 00:00:00
almalinux
almalinux
Moderate: kernel-rt security and bug fix update
2024-06-05 00:00:00
Moderate: kernel update
2024-06-05 00:00:00
rocky
rocky
kernel-rt security and bug fix update
2024-06-14 13:59:36
kernel update
2024-06-14 13:59:16
debian
debian
[SECURITY] [DSA 5658-1] linux security update
2024-04-13 06:38:27
[SECURITY] [DSA 5681-1] linux security update
2024-05-06 18:31:39