CVE-2024-26642
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_tables: disallow anonymous set with timeout flag
Anonymous sets are never used with timeout from userspace, reject this. Exception to this rule is NFT_SET_EVAL to ensure legacy meters still work.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 761da2935d6e18d178582dbdf315a3a458555505 < e4988d8415bd0294d6f9f4a1e7095f8b50a97ca9 | affected |
| Linux | Linux | 761da2935d6e18d178582dbdf315a3a458555505 < e9a0d3f376eb356d54ffce36e7cc37514cbfbd6f | affected |
| Linux | Linux | 761da2935d6e18d178582dbdf315a3a458555505 < fe40ffbca19dc70d7c6b1e3c77b9ccb404c57351 | affected |
| Linux | Linux | 761da2935d6e18d178582dbdf315a3a458555505 < 7cdc1be24cc1bcd56a3e89ac4aef20e31ad09199 | affected |
| Linux | Linux | 761da2935d6e18d178582dbdf315a3a458555505 < 72c1efe3f247a581667b7d368fff3bd9a03cd57a | affected |
| Linux | Linux | 761da2935d6e18d178582dbdf315a3a458555505 < c0c2176d1814b92ea4c8e7eb7c9cd94cd99c1b12 | affected |
| Linux | Linux | 761da2935d6e18d178582dbdf315a3a458555505 < 8e07c16695583a66e81f67ce4c46e94dece47ba7 | affected |
| Linux | Linux | 761da2935d6e18d178582dbdf315a3a458555505 < 16603605b667b70da974bea8216c93e7db043bf1 | affected |
| Linux | Linux | 4.1 | affected |
| Linux | Linux | 0 < 4.1 | unaffected |
| Linux | Linux | 4.19.312 <= 4.19.* | unaffected |
| Linux | Linux | 5.4.274 <= 5.4.* | unaffected |
| Linux | Linux | 5.10.215 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.154 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.84 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.24 <= 6.6.* | unaffected |
| Linux | Linux | 6.7.12 <= 6.7.* | unaffected |
| Linux | Linux | 6.8 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
- https://git.kernel.org/stable/c/e4988d8415bd0294d6f9f4a1e7095f8b50a97ca9
- https://git.kernel.org/stable/c/e9a0d3f376eb356d54ffce36e7cc37514cbfbd6f
- https://git.kernel.org/stable/c/fe40ffbca19dc70d7c6b1e3c77b9ccb404c57351
- https://git.kernel.org/stable/c/7cdc1be24cc1bcd56a3e89ac4aef20e31ad09199
- https://git.kernel.org/stable/c/72c1efe3f247a581667b7d368fff3bd9a03cd57a
- https://git.kernel.org/stable/c/c0c2176d1814b92ea4c8e7eb7c9cd94cd99c1b12
- https://git.kernel.org/stable/c/8e07c16695583a66e81f67ce4c46e94dece47ba7
- https://git.kernel.org/stable/c/16603605b667b70da974bea8216c93e7db043bf1
- https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
Additional References
References
- https://git.kernel.org/stable/c/e4988d8415bd0294d6f9f4a1e7095f8b50a97ca9
- https://git.kernel.org/stable/c/e9a0d3f376eb356d54ffce36e7cc37514cbfbd6f
- https://git.kernel.org/stable/c/fe40ffbca19dc70d7c6b1e3c77b9ccb404c57351
- https://git.kernel.org/stable/c/7cdc1be24cc1bcd56a3e89ac4aef20e31ad09199
- https://git.kernel.org/stable/c/72c1efe3f247a581667b7d368fff3bd9a03cd57a
- https://git.kernel.org/stable/c/c0c2176d1814b92ea4c8e7eb7c9cd94cd99c1b12
- https://git.kernel.org/stable/c/8e07c16695583a66e81f67ce4c46e94dece47ba7
- https://git.kernel.org/stable/c/16603605b667b70da974bea8216c93e7db043bf1
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.