Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd416baaa9-dc9f-4396-8d5f-8c081fb06d67NVD:CVE-2024-26910
HistoryApr 17, 2024 - 4:15 p.m.

CVE-2024-26910

2024-04-1716:15:07
CWE-362
416baaa9-dc9f-4396-8d5f-8c081fb06d67
web.nvd.nist.gov
2
linux kernel
netfilter: ipset
performance regression
race condition
synchronize_rcu()
call_rcu()
garbage collectors

CVSS3

4.7

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

5.6

Confidence

High

EPSS

0

Percentile

5.1%

JSON

In the Linux kernel, the following vulnerability has been resolved:

netfilter: ipset: fix performance regression in swap operation

The patch “netfilter: ipset: fix race condition between swap/destroy
and kernel side add/del/test”, commit 28628fa9 fixes a race condition.
But the synchronize_rcu() added to the swap function unnecessarily slows
it down: it can safely be moved to destroy and use call_rcu() instead.

Eric Dumazet pointed out that simply calling the destroy functions as
rcu callback does not work: sets with timeout use garbage collectors
which need cancelling at destroy which can wait. Therefore the destroy
functions are split into two: cancelling garbage collectors safely at
executing the command received by netlink and moving the remaining
part only into the rcu callback.

Affected configurations

Nvd
Node
linuxlinux_kernelRange<5.4.269
OR
linuxlinux_kernelRange5.55.10.210
OR
linuxlinux_kernelRange5.115.15.149
OR
linuxlinux_kernelRange5.166.1.79
OR
linuxlinux_kernelRange6.26.6.18
OR
linuxlinux_kernelRange6.76.7.6
VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Related

vulnrichment 1
cvelist 1
redhatcve 1
debiancve 1
cve 1
ubuntucve 1
redos 1
nessus 20
openvas 14
osv 14
ubuntu 12
debian 1
vulnrichment
vulnrichment
CVE-2024-26910 netfilter: ipset: fix performance regression in swap operation
2024-04-17 15:59:21
cvelist
cvelist
CVE-2024-26910 netfilter: ipset: fix performance regression in swap operation
2024-04-17 15:59:21
redhatcve
redhatcve
CVE-2024-26910
2024-04-17 20:52:38
debiancve
debiancve
CVE-2024-26910
2024-04-17 16:15:07
cve
cve
CVE-2024-26910
2024-04-17 16:15:07
ubuntucve
ubuntucve
CVE-2024-26910
2024-04-17 00:00:00
redos
redos
ROS-20240820-09
2024-08-20 00:00:00
nessus
nessus
Amazon Linux 2 : kernel (ALASKERNEL-5.4-2024-062)
2024-04-01 00:00:00
Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2024-549)
2024-03-06 00:00:00
Amazon Linux 2 : kernel (ALASKERNEL-5.15-2024-039)
2024-03-06 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-6767-1)
2024-05-08 00:00:00
Ubuntu: Security Advisory (USN-6767-2)
2024-05-15 00:00:00
Ubuntu: Security Advisory (USN-6766-1)
2024-05-08 00:00:00
osv
osv
linux-bluefield vulnerabilities
2024-05-14 09:00:08
linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-iot, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, linux-xilinx-zynqmp vulnerabilities
2024-05-07 19:36:29
linux-aws, linux-aws-5.15 vulnerabilities
2024-05-20 13:05:13
ubuntu
ubuntu
Linux kernel (BlueField) vulnerabilities
2024-05-14 00:00:00
Linux kernel vulnerabilities
2024-05-07 00:00:00
Linux kernel (AWS) vulnerabilities
2024-05-20 00:00:00
debian
debian
[SECURITY] [DSA 5681-1] linux security update
2024-05-06 18:31:39

CVSS3

4.7

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

5.6

Confidence

High

EPSS

0

Percentile

5.1%

JSON
Related for NVD:CVE-2024-26910
vulnrichment1cvelist1redhatcve1debiancve1cve1ubuntucve1redos1nessus20openvas14osv14ubuntu12debian1