CVE-2024-27017 — Linux vulnerability

18 documents9 sources

Severity

5.5MEDIUMNVD

EPSS

0.0%

top 98.72%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Fedoraproject Fedora

Timeline

PublishedMay 1

Latest updateSep 18

Description

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: walk over current view on netlink dump The generation mask can be updated while netlink dump is in progress. The pipapo set backend walk iterator cannot rely on it to infer what view of the datastructure is to be used. Add notation to specify if user wants to read/update the set. Based on patch from Florian Westphal.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages3 packages

▶NVDlinux/linux_kernel6.4 — 6.8.8+1

▶Debianlinux/linux_kernel< 5.10.234-1+3

▶CVEListV5linux/linux2a90da8e0dd50f42e577988f4219f4f4cd3616b7 — ff89db14c63a827066446460e39226c0688ef786+7

Also affects: Fedora 38, 39, 40

Patches

Patch: git.kernel.org ↗Patch: git.kernel.org ↗Patch: git.kernel.org ↗

🔴Vulnerability Details

OSV

CVE-2024-27017: In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: walk over current view on netlink dump The generation m↗2024-05-01

▶

GHSA

GHSA-qhh4-wrfh-w5pg: In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: walk over current view on netlink dump The generation↗2024-05-01

▶

CVEList

netfilter: nft_set_pipapo: walk over current view on netlink dump↗2024-05-01

▶

📋Vendor Advisories

Ubuntu

Linux kernel vulnerabilities↗2024-09-18

▶

Ubuntu

Linux kernel (Oracle) vulnerabilities↗2024-08-13

▶

Ubuntu

Linux kernel (Azure) vulnerabilities↗2024-08-12

▶

Ubuntu

Linux kernel vulnerabilities↗2024-07-30

▶

Ubuntu

Linux kernel vulnerabilities↗2024-07-30

▶

💬Community

Bugzilla

CVE-2024-27017 kernel: netfilter: nft_set_pipapo: walk over current view on netlink dump↗2024-05-01

▶