We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Zendesk (Helpdesk and Chat)
Bugpilot (Bug tracking)

Ok

THREATINT CVE Home CVE Diag Help
PUBLISHED

CVE-2024-26809

netfilter: nft_set_pipapo: release elements in clone only from destroy path

Reserved:2024-02-19
Published:2024-04-04
Updated:2024-04-04

Description

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: release elements in clone only from destroy path Clone already always provides a current view of the lookup table, use it to destroy the set, otherwise it is possible to destroy elements twice. This fix requires: 212ed75dc5fb ("netfilter: nf_tables: integrate pipapo into commit protocol") which came after: 9827a0e6e23b ("netfilter: nft_set_pipapo: release elements in clone from abort path").

Product status

Default status
unaffected

4a6430b99f67 before b36b83297ff4
affected

5ccecafc728b before 362508506bf5
affected

9827a0e6e23b before 5ad233dc731a
affected

9827a0e6e23b before ff9005077141
affected

9827a0e6e23b before 821e28d5b506
affected

9827a0e6e23b before 9384b4d85c46
affected

9827a0e6e23b before b0e256f3dd2b
affected

Default status
affected

5.19
affected

Any version before 5.19
unaffected

5.10.214
unaffected

5.15.153
unaffected

6.1.83
unaffected

6.6.23
unaffected

6.7.11
unaffected

6.8.2
unaffected

6.9-rc1
unaffected

References

https://git.kernel.org/stable/c/b36b83297ff4910dfc8705402c8abffd4bbf8144

https://git.kernel.org/stable/c/362508506bf545e9ce18c72a2c48dcbfb891ab9c

https://git.kernel.org/stable/c/5ad233dc731ab64cdc47b84a5c1f78fff6c024af

https://git.kernel.org/stable/c/ff90050771412b91e928093ccd8736ae680063c2

https://git.kernel.org/stable/c/821e28d5b506e6a73ccc367ff792bd894050d48b

https://git.kernel.org/stable/c/9384b4d85c46ce839f51af01374062ce6318b2f2

https://git.kernel.org/stable/c/b0e256f3dd2ba6532f37c5c22e07cb07a36031ee

cve.org CVE-2024-26809

nvd.nist.gov CVE-2024-26809

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-26809