CVE-2024-41043

Summary

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nfnetlink_queue: drop bogus WARN_ON

Happens when rules get flushed/deleted while packet is out, so remove this WARN_ON.

This WARN exists in one form or another since v4.14, no need to backport this to older releases, hence use a more recent fixes tag.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux3f801968889459ecae1eab524b039676e6eaa319 < 86858da8335db48bde9be02abd7156a69d622e86affected
LinuxLinux3f801968889459ecae1eab524b039676e6eaa319 < 631a4b3ddc7831b20442c59c28b0476d0704c9afaffected
LinuxLinux6.9affected
LinuxLinux0 < 6.9unaffected
LinuxLinux6.9.10 <= 6.9.*unaffected
LinuxLinux6.10 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References