CVE-2024-26925

EPSS 0.07%
Veröffentlicht 25.04.2024 06:15:57
Zuletzt bearbeitet 21.11.2024 09:03:23
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path

The commit mutex should not be released during the critical section
between nft_gc_seq_begin() and nft_gc_seq_end(), otherwise, async GC
worker could collect expired objects and get the released commit lock
within the same GC sequence.

nf_tables_module_autoload() temporarily releases the mutex to load
module dependencies, then it goes back to replay the transaction again.
Move it at the end of the abort phase after nft_gc_seq_end() is called.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 11

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 61ac7284346c32f9a8c8ceac56102f7914060428

Version 4b6346dc1edfb9839d6edee7360ed31a22fa6c95

Status affected

Version < 2cee2ff7f8cce12a63a0a23ffe27f08d99541494

Version 23292bdfda5f04e704a843b8f97b0eb95ace1ca6

Status affected

Version < eb769ff4e281f751adcaf4f4445cbf30817be139

Version b44a459c6561595ed7c3679599c5279204132b33

Status affected

Version < 8d3a58af50e46167b6f1db47adadad03c0045dae

Version 5d319f7a81431c6bb32eb4dc7d7975f99e2c8c66

Status affected

Version < 8038ee3c3e5b59bcd78467686db5270c68544e30

Version 720344340fb9be2765bbaab7b292ece0a4570eae

Status affected

Version < a34ba4bdeec0c3b629160497594908dc820110f1

Version 720344340fb9be2765bbaab7b292ece0a4570eae

Status affected

Version < 0d459e2ffb541841714839e8228b845458ed3b27

Version 720344340fb9be2765bbaab7b292ece0a4570eae

Status affected

Version f85ca36090cbb252bcbc95fc74c2853fc792694f

Status affected

Version e07e68823116563bdbc49cef185cda6f463bc534

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 6.5

Status affected

Version < 6.5

Version 0

Status unaffected

Version <= 5.4.*

Version 5.4.274

Status unaffected

Version <= 5.10.*

Version 5.10.215

Status unaffected

Version <= 5.15.*

Version 5.15.155

Status unaffected

Version <= 6.1.*

Version 6.1.86

Status unaffected

Version <= 6.6.*

Version 6.6.26

Status unaffected

Version <= 6.8.*

Version 6.8.5

Status unaffected

Version <= *

Version 6.9

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.07%	0.209

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html

https://git.kernel.org/stable/c/0d459e2ffb541841714839e8228b845458ed3b27

https://git.kernel.org/stable/c/2cee2ff7f8cce12a63a0a23ffe27f08d99541494

https://git.kernel.org/stable/c/61ac7284346c32f9a8c8ceac56102f7914060428

https://git.kernel.org/stable/c/8038ee3c3e5b59bcd78467686db5270c68544e30

https://git.kernel.org/stable/c/8d3a58af50e46167b6f1db47adadad03c0045dae

https://git.kernel.org/stable/c/a34ba4bdeec0c3b629160497594908dc820110f1

https://git.kernel.org/stable/c/eb769ff4e281f751adcaf4f4445cbf30817be139

https://nvd.nist.gov/vuln/detail/CVE-2024-26925

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-26925

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-26925

EUVD