CVE-2024-26581
netfilter: nft_set_rbtree: skip end interval element from gc
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nft_set_rbtree: skip end interval element from gc
rbtree lazy gc on insert might collect an end interval element that has
been just added in this transactions, skip end interval elements that
are not yet active.
En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: netfilter: nft_set_rbtree: omitir elemento de intervalo final de gc rbtree lazy gc al insertar puede recopilar un elemento de intervalo final que se acaba de agregar en estas transacciones, omitir elementos de intervalo final que aún no están activo.
A flaw was found in the Linux kernel’s Netfilter subsystem. This issue occurs in the nft_set_rbtree. rbtree lazy gc on insert, which might collect an end interval element just added in a transaction and skip the end interval elements not yet active.
CVSS Scores
SSVC
- Decision:Track*
Timeline
- 2024-02-19 CVE Reserved
- 2024-02-20 CVE Published
- 2024-04-21 EPSS Updated
- 2024-09-23 First Exploit
- 2024-12-19 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-416: Use After Free
CAPEC
References (18)
URL | Date | SRC |
---|---|---|
https://github.com/madfxr/CVE-2024-26581-Checker | 2024-09-23 |
URL | Date | SRC |
---|---|---|
https://access.redhat.com/security/cve/CVE-2024-26581 | 2024-08-28 | |
https://bugzilla.redhat.com/show_bug.cgi?id=2265185 | 2024-08-28 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.4.262 < 5.4.269 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.4.262 < 5.4.269" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.10.190 < 5.10.210 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.10.190 < 5.10.210" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.15.124 < 5.15.149 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.15.124 < 5.15.149" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 6.1.43 < 6.1.78 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.1.43 < 6.1.78" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 6.5 < 6.6.17 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.5 < 6.6.17" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 6.5 < 6.7.5 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.5 < 6.7.5" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 6.5 < 6.8 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.5 < 6.8" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 6.4.8 Search vendor "Linux" for product "Linux Kernel" and version "6.4.8" | en |
Affected
|