PT-2024-3792 · Linux+5 · Linux Kernel+5

Published

2024-01-24

Updated

2024-12-19

CVE-2024-26609

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to a component of the Linux kernel's netfilter, specifically involving the use of memory after it has been freed in the nft verdict init() function within the net/netfilter/nf tables api.c module. This could potentially allow an attacker to impact the confidentiality, integrity, and availability of protected information.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALSA-2024:2394

ALSA-2024:2950

ALSA-2024:3138

BDU:2024-04145

CESA-2024_2950

CESA-2024_3138

CVE-2024-26609

INFSA-2024_2394

INFSA-2024_2950

INFSA-2024_3138

RHSA-2024:2394

RHSA-2024:2950

RHSA-2024:3138

RHSA-2024_2394

RHSA-2024_2950

RHSA-2024_3138

RLSA-2024:2950

RLSA-2024:3138

Affected Products

Almalinux

Centos

Linux Kernel

Red Hat

Red Os

Rocky Linux

PT-2024-3792 · Linux+5 · Linux Kernel+5

CVE-2024-26609

Weakness Enumeration

Related Identifiers

Affected Products

References · 271