CVE-2024-26581

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-26581
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: skip end interval element from gc rbtree lazy gc on insert might collect an end interval element that has been just added in this transactions, skip end interval elements that are not yet active.

7.8 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://git.kernel.org/stable/c/10e9cb39313627f2eae4cd70c4b742074e998fd8 Patch
https://git.kernel.org/stable/c/1296c110c5a0b45a8fcf58e7d18bc5da61a565cb Patch
https://git.kernel.org/stable/c/2bab493a5624444ec6e648ad0d55a362bcb4c003 Patch
https://git.kernel.org/stable/c/4cee42fcf54fec46b344681e7cc4f234bb22f85a Patch
https://git.kernel.org/stable/c/60c0c230c6f046da536d3df8b39a20b9a9fd6af0 Patch
https://git.kernel.org/stable/c/6eb14441f10602fa1cf691da9d685718b68b78a9 Patch
https://git.kernel.org/stable/c/b734f7a47aeb32a5ba298e4ccc16bb0c52b6dbf7 Patch
https://git.kernel.org/stable/c/c60d252949caf9aba537525195edae6bbabc35eb
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
History

25 Jun 2024, 23:15

Type Values Removed Values Added
References
  • () https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html -

16 Jun 2024, 13:15

Type Values Removed Values Added
References
  • () https://git.kernel.org/stable/c/c60d252949caf9aba537525195edae6bbabc35eb -

19 Apr 2024, 17:41

Type Values Removed Values Added
CPE cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
References () https://git.kernel.org/stable/c/10e9cb39313627f2eae4cd70c4b742074e998fd8 - () https://git.kernel.org/stable/c/10e9cb39313627f2eae4cd70c4b742074e998fd8 - Patch
References () https://git.kernel.org/stable/c/1296c110c5a0b45a8fcf58e7d18bc5da61a565cb - () https://git.kernel.org/stable/c/1296c110c5a0b45a8fcf58e7d18bc5da61a565cb - Patch
References () https://git.kernel.org/stable/c/2bab493a5624444ec6e648ad0d55a362bcb4c003 - () https://git.kernel.org/stable/c/2bab493a5624444ec6e648ad0d55a362bcb4c003 - Patch
References () https://git.kernel.org/stable/c/4cee42fcf54fec46b344681e7cc4f234bb22f85a - () https://git.kernel.org/stable/c/4cee42fcf54fec46b344681e7cc4f234bb22f85a - Patch
References () https://git.kernel.org/stable/c/60c0c230c6f046da536d3df8b39a20b9a9fd6af0 - () https://git.kernel.org/stable/c/60c0c230c6f046da536d3df8b39a20b9a9fd6af0 - Patch
References () https://git.kernel.org/stable/c/6eb14441f10602fa1cf691da9d685718b68b78a9 - () https://git.kernel.org/stable/c/6eb14441f10602fa1cf691da9d685718b68b78a9 - Patch
References () https://git.kernel.org/stable/c/b734f7a47aeb32a5ba298e4ccc16bb0c52b6dbf7 - () https://git.kernel.org/stable/c/b734f7a47aeb32a5ba298e4ccc16bb0c52b6dbf7 - Patch
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 7.8
CWE NVD-CWE-noinfo
First Time Linux
Linux linux Kernel

23 Feb 2024, 09:15

Type Values Removed Values Added
References
  • () https://git.kernel.org/stable/c/4cee42fcf54fec46b344681e7cc4f234bb22f85a -
  • () https://git.kernel.org/stable/c/10e9cb39313627f2eae4cd70c4b742074e998fd8 -
  • () https://git.kernel.org/stable/c/2bab493a5624444ec6e648ad0d55a362bcb4c003 -

20 Feb 2024, 18:15

Type Values Removed Values Added
Summary netfilter: nft_set_rbtree: skip end interval element from gc rbtree lazy gc on insert might collect an end interval element that has been just added in this transactions, skip end interval elements that are not yet active. In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: skip end interval element from gc rbtree lazy gc on insert might collect an end interval element that has been just added in this transactions, skip end interval elements that are not yet active.
References
  • {'url': 'https://git.kernel.org/stable/c/6eb14441f106', 'name': 'https://git.kernel.org/stable/c/6eb14441f106', 'tags': [], 'refsource': ''}
  • {'url': 'https://git.kernel.org/stable/c/b734f7a47aeb', 'name': 'https://git.kernel.org/stable/c/b734f7a47aeb', 'tags': [], 'refsource': ''}
  • {'url': 'https://git.kernel.org/stable/c/1296c110c5a0', 'name': 'https://git.kernel.org/stable/c/1296c110c5a0', 'tags': [], 'refsource': ''}
  • {'url': 'https://git.kernel.org/stable/c/60c0c230c6f0', 'name': 'https://git.kernel.org/stable/c/60c0c230c6f0', 'tags': [], 'refsource': ''}
  • () https://git.kernel.org/stable/c/6eb14441f10602fa1cf691da9d685718b68b78a9 -
  • () https://git.kernel.org/stable/c/1296c110c5a0b45a8fcf58e7d18bc5da61a565cb -
  • () https://git.kernel.org/stable/c/b734f7a47aeb32a5ba298e4ccc16bb0c52b6dbf7 -
  • () https://git.kernel.org/stable/c/60c0c230c6f046da536d3df8b39a20b9a9fd6af0 -

20 Feb 2024, 13:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-02-20 13:15

Updated : 2024-06-25 23:15

NVD link : CVE-2024-26581

Mitre link : CVE-2024-26581

CVE.ORG link : CVE-2024-26581

JSON object : View

Products Affected

linux

  • linux_kernel
CWE
NVD-CWE-noinfo

NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024