A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vulnerability when NF_DROP is issued with a drop error which resembles NF_ACCEPT. We recommend upgrading past commit f342de4e2f33e0e39165d8639387aa6c19dff660.
History

Wed, 14 Aug 2024 20:00:00 +0000

Type Values Removed Values Added
First Time appeared Debian
Debian debian Linux
Netapp
Netapp 500f
Netapp 500f Firmware
Netapp a250
Netapp a250 Firmware
Netapp c250
Netapp c250 Firmware
CPEs cpe:2.3:h:netapp:500f:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:a250:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:c250:-:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:netapp:500f_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:a250_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:c250_firmware:-:*:*:*:*:*:*:*
Vendors & Products Debian
Debian debian Linux
Netapp
Netapp 500f
Netapp 500f Firmware
Netapp a250
Netapp a250 Firmware
Netapp c250
Netapp c250 Firmware

Wed, 14 Aug 2024 01:30:00 +0000

Type Values Removed Values Added
References

cve-icon MITRE

Status: PUBLISHED

Assigner: Google

Published: 2024-01-31T12:14:34.073Z

Updated: 2024-08-01T18:26:30.467Z

Reserved: 2024-01-30T20:04:09.704Z

Link: CVE-2024-1086

cve-icon Vulnrichment

Updated: 2024-08-01T18:26:30.467Z

cve-icon NVD

Status : Modified

Published: 2024-01-31T13:15:10.827

Modified: 2024-11-21T08:49:46.013

Link: CVE-2024-1086

cve-icon Redhat

Severity : Important

Publid Date: 2024-01-31T00:00:00Z

Links: CVE-2024-1086 - Bugzilla