THREATINT

We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Fathom (Privacy friendly web analytics)
Zendesk (Helpdesk and Chat)

Ok

Home | EN
Support
CVE
PUBLISHED

CVE-2024-26642

netfilter: nf_tables: disallow anonymous set with timeout flag

AssignerLinux
Reserved2024-02-19
Published2024-03-21
Updated2024-07-05

Description

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: disallow anonymous set with timeout flag Anonymous sets are never used with timeout from userspace, reject this. Exception to this rule is NFT_SET_EVAL to ensure legacy meters still work.

Product status

Default status
unaffected

761da2935d6e before e4988d8415bd
affected

761da2935d6e before e9a0d3f376eb
affected

761da2935d6e before fe40ffbca19d
affected

761da2935d6e before 7cdc1be24cc1
affected

761da2935d6e before 72c1efe3f247
affected

761da2935d6e before c0c2176d1814
affected

761da2935d6e before 8e07c1669558
affected

761da2935d6e before 16603605b667
affected

Default status
affected

4.1
affected

Any version before 4.1
unaffected

4.19.312
unaffected

5.4.274
unaffected

5.10.215
unaffected

5.15.154
unaffected

6.1.84
unaffected

6.6.24
unaffected

6.7.12
unaffected

6.8
unaffected

References

https://git.kernel.org/stable/c/e4988d8415bd0294d6f9f4a1e7095f8b50a97ca9

https://git.kernel.org/stable/c/e9a0d3f376eb356d54ffce36e7cc37514cbfbd6f

https://git.kernel.org/stable/c/fe40ffbca19dc70d7c6b1e3c77b9ccb404c57351

https://git.kernel.org/stable/c/7cdc1be24cc1bcd56a3e89ac4aef20e31ad09199

https://git.kernel.org/stable/c/72c1efe3f247a581667b7d368fff3bd9a03cd57a

https://git.kernel.org/stable/c/c0c2176d1814b92ea4c8e7eb7c9cd94cd99c1b12

https://git.kernel.org/stable/c/8e07c16695583a66e81f67ce4c46e94dece47ba7

https://git.kernel.org/stable/c/16603605b667b70da974bea8216c93e7db043bf1

https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html

https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html

cve.org CVE-2024-26642

nvd.nist.gov CVE-2024-26642

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-26642
Find us on
Data Privacy
Terms of Use
Logo BSI Allianz für Cyber-Sicherheit
© Copyright 2024 THREATINT. Made in Cyprus with +