PT-2024-1596 · Linux+8 · Linux Kernel+8
Lonial Con
·
Published
2024-01-17
·
Updated
2025-09-19
·
CVE-2024-1085
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
A use-after-free vulnerability in the Linux kernel's netfilter: nf tables component can be exploited to achieve local privilege escalation. The
nft setelem catchall deactivate() function checks whether the catch-all set element is active in the current generation instead of the next generation before freeing it, but only flags it inactive in the next generation, making it possible to free the element multiple times, leading to a double free vulnerability.Recommendations
Upgrade past commit b1db244ffd041a49ecc9618e8feb6b5c1afcdaa7 to resolve the issue. As a temporary workaround, consider disabling the
nft setelem catchall deactivate() function until a patch is available. Restrict access to the vulnerable netfilter: nf tables component to minimize the risk of exploitation.Exploit
Fix
DoS
LPE
Use After Free
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Almalinux
Astra Linux
Linuxmint
Linux Kernel
Red Hat
Red Os
Suse
Ubuntu