CVE-2024-27397: Use After Free in Linux

CWE-416: Use After Free | 31 documents | 10 sources
Severity: 7.0 HIGH (NVD) | OSV 7.8 | OSV 5.5
EPSS: 0.0% (top 88.68%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published May 14 | Latest update Nov 21

Description

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nf_tables: use timestamp to check for set element timeout

Add a timestamp field at the beginning of the transaction, store it in the nftables per-netns area.

Update set backend .insert, .deactivate and sync gc path to use the timestamp, this avoids that an element expires while control plane transaction is still unfinished.

.lookup and .update, which are used from packet path, still use the current time to check i

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.0 | Impact: 5.9

Affected Packages (15 packages)

NVD | linux/linux_kernel | 4.14.19.320 | +7
Debian | linux/linux_kernel | < 5.10.226-1 | +3
Ubuntu | linux/linux_kernel | < 5.4.0-198.218 | +3
CVEListV5 | linux/linux | c3e1b005ed1cc068fc9d454a6e745830d55d251d f8dfda798650241c1692058713ca4fef8e429061 | +8
debian | debian/linux | < linux 6.1.99-1 (bookworm)

Patches

🔴 Vulnerability Details (14)

Kernel: slab: Achieve better kmalloc caches randomization in kvmalloc (2025-02-12)
OSV: linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities (2024-12-10)
OSV: linux-oracle vulnerabilities (2024-11-25)
OSV: linux-azure vulnerabilities (2024-11-20)
OSV: linux-iot vulnerabilities (2024-11-19)

📋 Vendor Advisories (15)

Chrome: Long Term Support Channel Update for ChromeOS: CVE-2025-13223 (2025-11-21)
Ubuntu: Linux kernel vulnerabilities (2024-12-10)
Ubuntu: Linux kernel (Oracle) vulnerabilities (2024-11-25)
Ubuntu: Linux kernel (Azure) vulnerabilities (2024-11-20)
Ubuntu: Linux kernel (IoT) vulnerabilities (2024-11-19)

💬 Community (1)

Bugzilla: CVE-2024-27397 kernel: netfilter: nf_tables: use timestamp to check for set element timeout (2024-05-14)