CVE-2024-26642

Summary

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nf_tables: disallow anonymous set with timeout flag

Anonymous sets are never used with timeout from userspace, reject this. Exception to this rule is NFT_SET_EVAL to ensure legacy meters still work.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux761da2935d6e18d178582dbdf315a3a458555505 < e4988d8415bd0294d6f9f4a1e7095f8b50a97ca9affected
LinuxLinux761da2935d6e18d178582dbdf315a3a458555505 < e9a0d3f376eb356d54ffce36e7cc37514cbfbd6faffected
LinuxLinux761da2935d6e18d178582dbdf315a3a458555505 < fe40ffbca19dc70d7c6b1e3c77b9ccb404c57351affected
LinuxLinux761da2935d6e18d178582dbdf315a3a458555505 < 7cdc1be24cc1bcd56a3e89ac4aef20e31ad09199affected
LinuxLinux761da2935d6e18d178582dbdf315a3a458555505 < 72c1efe3f247a581667b7d368fff3bd9a03cd57aaffected
LinuxLinux761da2935d6e18d178582dbdf315a3a458555505 < c0c2176d1814b92ea4c8e7eb7c9cd94cd99c1b12affected
LinuxLinux761da2935d6e18d178582dbdf315a3a458555505 < 8e07c16695583a66e81f67ce4c46e94dece47ba7affected
LinuxLinux761da2935d6e18d178582dbdf315a3a458555505 < 16603605b667b70da974bea8216c93e7db043bf1affected
LinuxLinux4.1affected
LinuxLinux0 < 4.1unaffected
LinuxLinux4.19.312 <= 4.19.*unaffected
LinuxLinux5.4.274 <= 5.4.*unaffected
LinuxLinux5.10.215 <= 5.10.*unaffected
LinuxLinux5.15.154 <= 5.15.*unaffected
LinuxLinux6.1.84 <= 6.1.*unaffected
LinuxLinux6.6.24 <= 6.6.*unaffected
LinuxLinux6.7.12 <= 6.7.*unaffected
LinuxLinux6.8 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

Additional References

References