CVE-2024-27397

Published May 14, 2024

Last updated 6 months ago

Overview

Description: In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: use timestamp to check for set element timeout Add a timestamp field at the beginning of the transaction, store it in the nftables per-netns area. Update set backend .insert, .deactivate and sync gc path to use the timestamp, this avoids that an element expires while control plane transaction is still unfinished. .lookup and .update, which are used from packet path, still use the current time to check if the element has expired. And .get path and dump also since this runs lockless under rcu read size lock. Then, there is async gc which also needs to check the current time since it runs asynchronously from a workqueue.
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
NVD status: Awaiting Analysis

Hype score: Not currently trending

''Linux Kernel Privilege Escalation Vulnerability (CVE-2024-27397) Exploited: PoC Released'' #infosec #pentest #redteam #blueteam https://t.co/pjvhj0AJ43
@CyberWarship
21 Jan 2025
1879 Impressions
10 Retweets
19 Likes
8 Bookmarks
0 Replies
0 Quotes
CVE-2024-27397 PoC Exploit Code Released #CVE-2024-27397 #PoCExploitCode #LinuxKernel https://t.co/wTwQ8dSlbd
@pravin_karthik
17 Jan 2025
23 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Una vulnerabilidad recientemente revelada en el componente de nf_tables netfilter del kernel de Linux (CVE-2024-27397) ha hecho saltar las alarmas en la comunidad de ciberseguridad. Esta falla de uso después de liberar, que afecta a las versiones 4.1 a 6.8 del kernel. https://t.c
@AlexCalvillo_SI
15 Jan 2025
19 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical vulnerability CVE-2024-27397 in the Linux kernel could allow local privilege escalation. Affects versions 4.1-6.8. Immediate updates recommended. ⚠️ #LinuxVulnerability #PrivilegeEscalation #USA #CybersecurityNews link: https://t.co/2KjSBAnhM7 https://t.co/beXSDTBIve
@TweetThreatNews
14 Jan 2025
24 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Linux Kernel Yetki Yükseltme Zafiyeti (CVE-2024-27397) İstismar Ediliyor: PoC Yayınlandı https://t.co/1VyMkkh3Yw
@cyberwebeyeos
14 Jan 2025
25 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Linux Kernel Privilege Escalation Vulnerability (CVE-2024-27397) Exploited: PoC Released https://t.co/mgALCkHBSH
@Dinosn
14 Jan 2025
3395 Impressions
12 Retweets
33 Likes
14 Bookmarks
0 Replies
1 Quote
Linux Kernel Privilege Escalation Vulnerability (CVE-2024-27397) Exploited: PoC Released https://t.co/v5ILmP9OGU "This use-after-free flaw, which affects versions 4.1 through 6.8, has a CVSS score of 7.0, signifying its potential to allow local privilege escalation."
@catnap707
14 Jan 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes

References

https://nvd.nist.gov/vuln/detail/CVE-2024-27397
https://git.kernel.org/stable/c/0d40e8cb1d1f56a994cdd2e015af622fdca9ed4d
https://git.kernel.org/stable/c/383182db8d58c4237772ba0764cded4938a235c3
https://git.kernel.org/stable/c/7395dfacfff65e9938ac0889dafa1ab01e987d15
https://git.kernel.org/stable/c/7b17de2a71e56c10335b565cc7ad238e6d984379
https://git.kernel.org/stable/c/b45176b869673417ace338b87cf9cdb66e2eeb01
https://git.kernel.org/stable/c/eaf1a29ea5d7dba8e84e9e9f3b3f47d0cd540bfe
https://git.kernel.org/stable/c/f8dfda798650241c1692058713ca4fef8e429061

Overview

Social media

References