CVE-2024-44945

Summary

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nfnetlink: Initialise extack before use in ACKs

Add missing extack initialisation when ACKing BATCH_BEGIN and BATCH_END.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxbf2ac490d28c21a349e9eef81edc45320fca4a3c < 3e03b536d9454c5802168b9e85248d456d3ff6a3affected
LinuxLinuxbf2ac490d28c21a349e9eef81edc45320fca4a3c < d1a7b382a9d3f0f3e5a80e0be2991c075fa4f618affected
LinuxLinux6.10affected
LinuxLinux0 < 6.10unaffected
LinuxLinux6.10.7 <= 6.10.*unaffected
LinuxLinux6.11 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References