CVE-2024-26581

Published Feb 20, 2024

Last updated 10 days ago

Overview

Description: In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: skip end interval element from gc rbtree lazy gc on insert might collect an end interval element that has been just added in this transactions, skip end interval elements that are not yet active.
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
NVD status: Modified

Hype score: Not currently trending

Exploiting CVE-2024-26581: use-after-free in Linux kernel nftables subsystem https://t.co/YX0UdVreSu #Linux #cybersecurity https://t.co/mCUb5hoHfu
@0xor0ne
Oct 23, 2024 3:00 PM
10100 Impressions
29 Retweets
161 Likes
58 Bookmarks
1 Reply
2 Quotes

Risk scores

CVSS 3.1

Type: Primary
Base score: 7.8
Impact score: 5.9
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo
134c704f-9b21-4f2e-91b3-4a467353bcc0: CWE-416

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "48E561A5-2F59-4E74-BFAB-39B8D844FD15",
            "versionEndExcluding": "5.4.269"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B39742A2-A0C1-490C-95CC-FB78D6D70698",
            "versionEndExcluding": "5.10.210",
            "versionStartIncluding": "5.5.0"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E6FB1C44-BEEE-4D31-AD44-E15806EA6249",
            "versionEndExcluding": "5.15.149",
            "versionStartIncluding": "5.11.0"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5ED93437-2DAD-459B-8B46-01C911BDE283",
            "versionEndExcluding": "6.1.78",
            "versionStartIncluding": "5.16.0"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9B4E27C1-FDA4-443A-8088-7D297EB2997B",
            "versionEndExcluding": "6.6.17",
            "versionStartIncluding": "6.2.0"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "06B690E0-5DAC-44EC-947A-D6E4EB0475CA",
            "versionEndExcluding": "6.7.5",
            "versionStartIncluding": "6.7.0"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 3.1

Weaknesses

Configurations

References