In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_flow_offload: reset dst in route object after setting up flow dst is transferred to the flow object, route object does not own it anymore. Reset dst in route object, otherwise if flow_offload_add() fails, error path releases dst twice, leading to a refcount underflow.
History

Thu, 19 Dec 2024 09:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 16 Oct 2024 15:00:00 +0000

Type Values Removed Values Added
First Time appeared Redhat enterprise Linux
CPEs cpe:/a:redhat:enterprise_linux:9
cpe:/o:redhat:enterprise_linux:9
Vendors & Products Redhat enterprise Linux

Tue, 13 Aug 2024 23:00:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:rhel_e4s:9.0

Tue, 13 Aug 2024 06:30:00 +0000

Type Values Removed Values Added
First Time appeared Redhat rhel E4s
CPEs cpe:/a:redhat:rhel_e4s:9.0::nfv
Vendors & Products Redhat rhel E4s

cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-05-17T11:40:17.992Z

Updated: 2024-12-19T08:54:21.794Z

Reserved: 2024-02-25T13:47:42.681Z

Link: CVE-2024-27403

cve-icon Vulnrichment

Updated: 2024-08-02T00:34:52.105Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-05-17T12:15:10.030

Modified: 2024-11-21T09:04:32.720

Link: CVE-2024-27403

cve-icon Redhat

Severity : Low

Publid Date: 2024-05-17T00:00:00Z

Links: CVE-2024-27403 - Bugzilla