PT-2024-9915 · Linux+9 · Linux Kernel+9
Published: 2024-02-19 · Updated: 2025-09-29
CVE-2024-26642
CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions:
Linux kernel (affected versions not specified)
Description:
The issue is in the netfilter component of the Linux kernel, specifically the nf_tables subsystem. It concerns disallowing anonymous sets with the timeout flag, since anonymous sets are never used with a timeout from userspace. An exception is made for NFT_SET_EVAL so that legacy meters still work. The vulnerability is related to incorrect control of resource identifiers, which could allow an attacker to elevate their privileges.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Affected Products
AlmaLinux
Astra Linux
CentOS
Linux Mint
Linux Kernel
Red Hat
RED OS
Rocky Linux
SUSE
Ubuntu