CVE-2024-35898 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() nft_unregister_flowtable_type() within nf_flow_inet_module_exit() can concurrent with __nft_flowtable_type_get() within nf_tables_newflowtable(). And thhere is not any protection when iterate over nf_tables_flowtables list in __nft_flowtable_type_get(). Therefore, there is pertential data-race of nf_tables_flowtables list entry. Use list_for_each_entry_rcu() to iterate over nf_tables_flowtables list in __nft_flowtable_type_get(), and use rcu_read_lock() in the caller nft_flowtable_type_get() to protect the entire type query process.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Debian	Debian Linux
Linux	Linux Kernel
Redhat	Enterprise Linux Rhel Aus Rhel E4s Rhel Eus Rhel Tus

Configuration 1 [-]

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.9:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.9:rc2::::::

Configuration 2 [-]

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 8
kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10	cpe:/a:redhat:enterprise_linux:8::nfv	RHSA-2024:8870	2024-11-05T00:00:00Z
kernel-0:4.18.0-553.27.1.el8_10	cpe:/o:redhat:enterprise_linux:8	RHSA-2024:8856	2024-11-05T00:00:00Z
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
kernel-0:4.18.0-372.123.1.el8_6	cpe:/o:redhat:rhel_aus:8.6	RHSA-2024:6753	2024-09-18T00:00:00Z
Red Hat Enterprise Linux 8.6 Telecommunications Update Service
kernel-0:4.18.0-372.123.1.el8_6	cpe:/o:redhat:rhel_tus:8.6	RHSA-2024:6753	2024-09-18T00:00:00Z
Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
kernel-0:4.18.0-372.123.1.el8_6	cpe:/o:redhat:rhel_e4s:8.6	RHSA-2024:6753	2024-09-18T00:00:00Z
Red Hat Enterprise Linux 8.8 Extended Update Support
kernel-0:4.18.0-477.74.1.el8_8	cpe:/o:redhat:rhel_eus:8.8	RHSA-2024:6993	2024-09-24T00:00:00Z
Red Hat Enterprise Linux 9
kernel-0:5.14.0-427.33.1.el9_4	cpe:/a:redhat:enterprise_linux:9	RHSA-2024:5928	2024-08-28T00:00:00Z
kernel-0:5.14.0-427.33.1.el9_4	cpe:/o:redhat:enterprise_linux:9	RHSA-2024:5928	2024-08-28T00:00:00Z
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions
kernel-0:5.14.0-70.112.1.el9_0	cpe:/a:redhat:rhel_e4s:9.0	RHSA-2024:5257	2024-08-13T00:00:00Z
kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0	cpe:/a:redhat:rhel_e4s:9.0::nfv	RHSA-2024:5256	2024-08-13T00:00:00Z
Red Hat Enterprise Linux 9.2 Extended Update Support
kernel-0:5.14.0-284.73.1.el9_2	cpe:/a:redhat:rhel_eus:9.2	RHSA-2024:4533	2024-07-15T00:00:00Z
kernel-rt-0:5.14.0-284.73.1.rt14.358.el9_2	cpe:/a:redhat:rhel_eus:9.2::nfv	RHSA-2024:4554	2024-07-15T00:00:00Z

References

Link	Providers
https://git.kernel.org/stable/c/24225011d81b471acc0e1e315b7d9905459a6304
https://git.kernel.org/stable/c/2485bcfe05ee3cf9ca8923a94fa2e456924c79c8
https://git.kernel.org/stable/c/69d1fe14a680042ec913f22196b58e2c8ff1b007
https://git.kernel.org/stable/c/8b891153b2e4dc0ca9d9dab8f619d49c740813df
https://git.kernel.org/stable/c/940d41caa71f0d3a52df2fde5fada524a993e331
https://git.kernel.org/stable/c/9b5b7708ec2be21dd7ef8ca0e3abe4ae9f3b083b
https://git.kernel.org/stable/c/a347bc8e6251eaee4b619da28020641eb5b0dd77
https://git.kernel.org/stable/c/e684b1674fd1ca4361812a491242ae871d6b2859
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
https://lore.kernel.org/linux-cve-announce/2024051951-CVE-2024-35898-a10e@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2024-35898
https://www.cve.org/CVERecord?id=CVE-2024-35898

History

Mon, 07 Apr 2025 19:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Debian Debian debian Linux Linux Linux linux Kernel
Weaknesses		CWE-362
CPEs		cpe:2.3:o:debian:debian_linux:10.0:::::::* cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:6.9:rc1:::::: cpe:2.3:o:linux:linux_kernel:6.9:rc2::::::
Vendors & Products		Debian Debian debian Linux Linux Linux linux Kernel

Fri, 22 Nov 2024 12:00:00 +0000

Type	Values Removed	Values Added
References		https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html

Wed, 06 Nov 2024 02:30:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/a:redhat:enterprise_linux:8::nfv cpe:/o:redhat:enterprise_linux:8

Tue, 05 Nov 2024 10:45:00 +0000

Type	Values Removed	Values Added
References	https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html

Tue, 24 Sep 2024 11:15:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/o:redhat:rhel_eus:8.8

Wed, 18 Sep 2024 19:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat rhel Aus Redhat rhel Tus
CPEs		cpe:/o:redhat:rhel_aus:8.6 cpe:/o:redhat:rhel_e4s:8.6 cpe:/o:redhat:rhel_tus:8.6
Vendors & Products		Redhat rhel Aus Redhat rhel Tus

Wed, 28 Aug 2024 23:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat enterprise Linux
CPEs		cpe:/a:redhat:enterprise_linux:9 cpe:/o:redhat:enterprise_linux:9
Vendors & Products		Redhat enterprise Linux

Tue, 13 Aug 2024 23:00:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/a:redhat:rhel_e4s:9.0

Tue, 13 Aug 2024 06:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat rhel E4s
CPEs		cpe:/a:redhat:rhel_e4s:9.0::nfv
Vendors & Products		Redhat rhel E4s

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-05-19T08:34:52.519Z

Updated: 2024-12-19T08:57:49.301Z

Reserved: 2024-05-17T13:50:33.114Z

Link: CVE-2024-35898

Vulnrichment

Updated: 2024-08-02T03:21:48.658Z

NVD

Status : Analyzed

Published: 2024-05-19T09:15:10.723

Modified: 2025-04-07T18:56:51.007

Link: CVE-2024-35898

Redhat

Severity : Moderate

Publid Date: 2024-05-19T00:00:00Z

Links: CVE-2024-35898 - Bugzilla

{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2024-35898", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-05-17T13:50:33.114Z", "datePublished": "2024-05-19T08:34:52.519Z", "dateUpdated": "2024-12-19T08:57:49.301Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-12-19T08:57:49.301Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get()\n\nnft_unregister_flowtable_type() within nf_flow_inet_module_exit() can\nconcurrent with __nft_flowtable_type_get() within nf_tables_newflowtable().\nAnd thhere is not any protection when iterate over nf_tables_flowtables\nlist in __nft_flowtable_type_get(). Therefore, there is pertential\ndata-race of nf_tables_flowtables list entry.\n\nUse list_for_each_entry_rcu() to iterate over nf_tables_flowtables list\nin __nft_flowtable_type_get(), and use rcu_read_lock() in the caller\nnft_flowtable_type_get() to protect the entire type query process."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/netfilter/nf_tables_api.c"], "versions": [{"version": "3b49e2e94e6ebb8b23d0955d9e898254455734f8", "lessThan": "69d1fe14a680042ec913f22196b58e2c8ff1b007", "status": "affected", "versionType": "git"}, {"version": "3b49e2e94e6ebb8b23d0955d9e898254455734f8", "lessThan": "a347bc8e6251eaee4b619da28020641eb5b0dd77", "status": "affected", "versionType": "git"}, {"version": "3b49e2e94e6ebb8b23d0955d9e898254455734f8", "lessThan": "940d41caa71f0d3a52df2fde5fada524a993e331", "status": "affected", "versionType": "git"}, {"version": "3b49e2e94e6ebb8b23d0955d9e898254455734f8", "lessThan": "2485bcfe05ee3cf9ca8923a94fa2e456924c79c8", "status": "affected", "versionType": "git"}, {"version": "3b49e2e94e6ebb8b23d0955d9e898254455734f8", "lessThan": "9b5b7708ec2be21dd7ef8ca0e3abe4ae9f3b083b", "status": "affected", "versionType": "git"}, {"version": "3b49e2e94e6ebb8b23d0955d9e898254455734f8", "lessThan": "8b891153b2e4dc0ca9d9dab8f619d49c740813df", "status": "affected", "versionType": "git"}, {"version": "3b49e2e94e6ebb8b23d0955d9e898254455734f8", "lessThan": "e684b1674fd1ca4361812a491242ae871d6b2859", "status": "affected", "versionType": "git"}, {"version": "3b49e2e94e6ebb8b23d0955d9e898254455734f8", "lessThan": "24225011d81b471acc0e1e315b7d9905459a6304", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/netfilter/nf_tables_api.c"], "versions": [{"version": "4.16", "status": "affected"}, {"version": "0", "lessThan": "4.16", "status": "unaffected", "versionType": "semver"}, {"version": "4.19.312", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.274", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.215", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.154", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.85", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.26", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.8.5", "lessThanOrEqual": "6.8.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.9", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/69d1fe14a680042ec913f22196b58e2c8ff1b007"}, {"url": "https://git.kernel.org/stable/c/a347bc8e6251eaee4b619da28020641eb5b0dd77"}, {"url": "https://git.kernel.org/stable/c/940d41caa71f0d3a52df2fde5fada524a993e331"}, {"url": "https://git.kernel.org/stable/c/2485bcfe05ee3cf9ca8923a94fa2e456924c79c8"}, {"url": "https://git.kernel.org/stable/c/9b5b7708ec2be21dd7ef8ca0e3abe4ae9f3b083b"}, {"url": "https://git.kernel.org/stable/c/8b891153b2e4dc0ca9d9dab8f619d49c740813df"}, {"url": "https://git.kernel.org/stable/c/e684b1674fd1ca4361812a491242ae871d6b2859"}, {"url": "https://git.kernel.org/stable/c/24225011d81b471acc0e1e315b7d9905459a6304"}], "title": "netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get()", "x_generator": {"engine": "bippy-5f407fcff5a0"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-noinfo Not enough information"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-05-29T18:29:13.616197Z", "id": "CVE-2024-35898", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-29T19:40:06.574Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T03:21:48.658Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/69d1fe14a680042ec913f22196b58e2c8ff1b007", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/a347bc8e6251eaee4b619da28020641eb5b0dd77", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/940d41caa71f0d3a52df2fde5fada524a993e331", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/2485bcfe05ee3cf9ca8923a94fa2e456924c79c8", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/9b5b7708ec2be21dd7ef8ca0e3abe4ae9f3b083b", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/8b891153b2e4dc0ca9d9dab8f619d49c740813df", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e684b1674fd1ca4361812a491242ae871d6b2859", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/24225011d81b471acc0e1e315b7d9905459a6304", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", "tags": ["x_transferred"]}]}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/69d1fe14a680042ec913f22196b58e2c8ff1b007", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/a347bc8e6251eaee4b619da28020641eb5b0dd77", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/940d41caa71f0d3a52df2fde5fada524a993e331", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/2485bcfe05ee3cf9ca8923a94fa2e456924c79c8", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/9b5b7708ec2be21dd7ef8ca0e3abe4ae9f3b083b", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/8b891153b2e4dc0ca9d9dab8f619d49c740813df", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e684b1674fd1ca4361812a491242ae871d6b2859", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/24225011d81b471acc0e1e315b7d9905459a6304", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T03:21:48.658Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-35898", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-29T18:29:13.616197Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "description": "CWE-noinfo Not enough information"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-29T18:29:17.229Z"}}], "cna": {"title": "netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get()", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "3b49e2e94e6ebb8b23d0955d9e898254455734f8", "lessThan": "69d1fe14a680042ec913f22196b58e2c8ff1b007", "versionType": "git"}, {"status": "affected", "version": "3b49e2e94e6ebb8b23d0955d9e898254455734f8", "lessThan": "a347bc8e6251eaee4b619da28020641eb5b0dd77", "versionType": "git"}, {"status": "affected", "version": "3b49e2e94e6ebb8b23d0955d9e898254455734f8", "lessThan": "940d41caa71f0d3a52df2fde5fada524a993e331", "versionType": "git"}, {"status": "affected", "version": "3b49e2e94e6ebb8b23d0955d9e898254455734f8", "lessThan": "2485bcfe05ee3cf9ca8923a94fa2e456924c79c8", "versionType": "git"}, {"status": "affected", "version": "3b49e2e94e6ebb8b23d0955d9e898254455734f8", "lessThan": "9b5b7708ec2be21dd7ef8ca0e3abe4ae9f3b083b", "versionType": "git"}, {"status": "affected", "version": "3b49e2e94e6ebb8b23d0955d9e898254455734f8", "lessThan": "8b891153b2e4dc0ca9d9dab8f619d49c740813df", "versionType": "git"}, {"status": "affected", "version": "3b49e2e94e6ebb8b23d0955d9e898254455734f8", "lessThan": "e684b1674fd1ca4361812a491242ae871d6b2859", "versionType": "git"}, {"status": "affected", "version": "3b49e2e94e6ebb8b23d0955d9e898254455734f8", "lessThan": "24225011d81b471acc0e1e315b7d9905459a6304", "versionType": "git"}], "programFiles": ["net/netfilter/nf_tables_api.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "4.16"}, {"status": "unaffected", "version": "0", "lessThan": "4.16", "versionType": "semver"}, {"status": "unaffected", "version": "4.19.312", "versionType": "semver", "lessThanOrEqual": "4.19.*"}, {"status": "unaffected", "version": "5.4.274", "versionType": "semver", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.215", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.154", "versionType": "semver", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.85", "versionType": "semver", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.26", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.8.5", "versionType": "semver", "lessThanOrEqual": "6.8.*"}, {"status": "unaffected", "version": "6.9", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["net/netfilter/nf_tables_api.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/69d1fe14a680042ec913f22196b58e2c8ff1b007"}, {"url": "https://git.kernel.org/stable/c/a347bc8e6251eaee4b619da28020641eb5b0dd77"}, {"url": "https://git.kernel.org/stable/c/940d41caa71f0d3a52df2fde5fada524a993e331"}, {"url": "https://git.kernel.org/stable/c/2485bcfe05ee3cf9ca8923a94fa2e456924c79c8"}, {"url": "https://git.kernel.org/stable/c/9b5b7708ec2be21dd7ef8ca0e3abe4ae9f3b083b"}, {"url": "https://git.kernel.org/stable/c/8b891153b2e4dc0ca9d9dab8f619d49c740813df"}, {"url": "https://git.kernel.org/stable/c/e684b1674fd1ca4361812a491242ae871d6b2859"}, {"url": "https://git.kernel.org/stable/c/24225011d81b471acc0e1e315b7d9905459a6304"}], "x_generator": {"engine": "bippy-5f407fcff5a0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get()\n\nnft_unregister_flowtable_type() within nf_flow_inet_module_exit() can\nconcurrent with __nft_flowtable_type_get() within nf_tables_newflowtable().\nAnd thhere is not any protection when iterate over nf_tables_flowtables\nlist in __nft_flowtable_type_get(). Therefore, there is pertential\ndata-race of nf_tables_flowtables list entry.\n\nUse list_for_each_entry_rcu() to iterate over nf_tables_flowtables list\nin __nft_flowtable_type_get(), and use rcu_read_lock() in the caller\nnft_flowtable_type_get() to protect the entire type query process."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-12-19T08:57:49.301Z"}}}, "cveMetadata": {"cveId": "CVE-2024-35898", "state": "PUBLISHED", "dateUpdated": "2024-12-19T08:57:49.301Z", "dateReserved": "2024-05-17T13:50:33.114Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-05-19T08:34:52.519Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "38B0B878-68DE-4077-B697-6C05B327BA9B", "versionEndExcluding": "4.19.312", "versionStartIncluding": "4.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "F45A0F3C-C16D-49C4-86D6-D021C3D4B834", "versionEndExcluding": "5.4.274", "versionStartIncluding": "4.20", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "9CD5894E-58E9-4B4A-B0F4-3E6BC134B8F5", "versionEndExcluding": "5.10.215", "versionStartIncluding": "5.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "577E212E-7E95-4A71-9B5C-F1D1A3AFFF46", "versionEndExcluding": "5.15.154", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "325665BF-2409-49D9-B391-39AD4566FDBD", "versionEndExcluding": "6.1.85", "versionStartIncluding": "5.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "C520696A-A594-4FFC-A32D-12DA535CE911", "versionEndExcluding": "6.6.26", "versionStartIncluding": "6.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "DBD6C99E-4250-4DFE-8447-FF2075939D10", "versionEndExcluding": "6.8.5", "versionStartIncluding": "6.7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*", "matchCriteriaId": "22BEDD49-2C6D-402D-9DBF-6646F6ECD10B", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:*", "matchCriteriaId": "DF73CB2A-DFFD-46FB-9BFE-AA394F27EA37", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get()\n\nnft_unregister_flowtable_type() within nf_flow_inet_module_exit() can\nconcurrent with __nft_flowtable_type_get() within nf_tables_newflowtable().\nAnd thhere is not any protection when iterate over nf_tables_flowtables\nlist in __nft_flowtable_type_get(). Therefore, there is pertential\ndata-race of nf_tables_flowtables list entry.\n\nUse list_for_each_entry_rcu() to iterate over nf_tables_flowtables list\nin __nft_flowtable_type_get(), and use rcu_read_lock() in the caller\nnft_flowtable_type_get() to protect the entire type query process."}, {"lang": "es", "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: netfilter: nf_tables: corrige una posible ejecuci\u00f3n de datos en __nft_flowtable_type_get() nft_unregister_flowtable_type() dentro de nf_flow_inet_module_exit() puede coincidir con __nft_flowtable_type_get() dentro de nf_tables_newflowtable(). Y no hay ninguna protecci\u00f3n cuando se itera sobre la lista nf_tables_flowtables en __nft_flowtable_type_get(). Por lo tanto, existe una posible ejecuci\u00f3n de datos de la entrada de la lista nf_tables_flowtables. Utilice list_for_each_entry_rcu() para iterar sobre la lista nf_tables_flowtables en __nft_flowtable_type_get() y utilice rcu_read_lock() en el llamador nft_flowtable_type_get() para proteger todo el proceso de consulta de tipos."}], "id": "CVE-2024-35898", "lastModified": "2025-04-07T18:56:51.007", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-05-19T09:15:10.723", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/24225011d81b471acc0e1e315b7d9905459a6304"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/2485bcfe05ee3cf9ca8923a94fa2e456924c79c8"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/69d1fe14a680042ec913f22196b58e2c8ff1b007"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/8b891153b2e4dc0ca9d9dab8f619d49c740813df"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/940d41caa71f0d3a52df2fde5fada524a993e331"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/9b5b7708ec2be21dd7ef8ca0e3abe4ae9f3b083b"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/a347bc8e6251eaee4b619da28020641eb5b0dd77"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/e684b1674fd1ca4361812a491242ae871d6b2859"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/24225011d81b471acc0e1e315b7d9905459a6304"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/2485bcfe05ee3cf9ca8923a94fa2e456924c79c8"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/69d1fe14a680042ec913f22196b58e2c8ff1b007"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/8b891153b2e4dc0ca9d9dab8f619d49c740813df"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/940d41caa71f0d3a52df2fde5fada524a993e331"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/9b5b7708ec2be21dd7ef8ca0e3abe4ae9f3b083b"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/a347bc8e6251eaee4b619da28020641eb5b0dd77"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/e684b1674fd1ca4361812a491242ae871d6b2859"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-362"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2024:8870", "cpe": "cpe:/a:redhat:enterprise_linux:8::nfv", "package": "kernel-rt-0:4.18.0-553.27.1.rt7.368.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-11-05T00:00:00Z"}, {"advisory": "RHSA-2024:8856", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "kernel-0:4.18.0-553.27.1.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-11-05T00:00:00Z"}, {"advisory": "RHSA-2024:6753", "cpe": "cpe:/o:redhat:rhel_aus:8.6", "package": "kernel-0:4.18.0-372.123.1.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support", "release_date": "2024-09-18T00:00:00Z"}, {"advisory": "RHSA-2024:6753", "cpe": "cpe:/o:redhat:rhel_tus:8.6", "package": "kernel-0:4.18.0-372.123.1.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service", "release_date": "2024-09-18T00:00:00Z"}, {"advisory": "RHSA-2024:6753", "cpe": "cpe:/o:redhat:rhel_e4s:8.6", "package": "kernel-0:4.18.0-372.123.1.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions", "release_date": "2024-09-18T00:00:00Z"}, {"advisory": "RHSA-2024:6993", "cpe": "cpe:/o:redhat:rhel_eus:8.8", "package": "kernel-0:4.18.0-477.74.1.el8_8", "product_name": "Red Hat Enterprise Linux 8.8 Extended Update Support", "release_date": "2024-09-24T00:00:00Z"}, {"advisory": "RHSA-2024:5928", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-427.33.1.el9_4", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-08-28T00:00:00Z"}, {"advisory": "RHSA-2024:5928", "cpe": "cpe:/o:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-427.33.1.el9_4", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-08-28T00:00:00Z"}, {"advisory": "RHSA-2024:5257", "cpe": "cpe:/a:redhat:rhel_e4s:9.0", "package": "kernel-0:5.14.0-70.112.1.el9_0", "product_name": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "release_date": "2024-08-13T00:00:00Z"}, {"advisory": "RHSA-2024:5256", "cpe": "cpe:/a:redhat:rhel_e4s:9.0::nfv", "package": "kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0", "product_name": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "release_date": "2024-08-13T00:00:00Z"}, {"advisory": "RHSA-2024:4533", "cpe": "cpe:/a:redhat:rhel_eus:9.2", "package": "kernel-0:5.14.0-284.73.1.el9_2", "product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date": "2024-07-15T00:00:00Z"}, {"advisory": "RHSA-2024:4554", "cpe": "cpe:/a:redhat:rhel_eus:9.2::nfv", "package": "kernel-rt-0:5.14.0-284.73.1.rt14.358.el9_2", "product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date": "2024-07-15T00:00:00Z"}], "bugzilla": {"description": "kernel: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get()", "id": "2281669", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281669"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\nnetfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get()\nnft_unregister_flowtable_type() within nf_flow_inet_module_exit() can\nconcurrent with __nft_flowtable_type_get() within nf_tables_newflowtable().\nAnd thhere is not any protection when iterate over nf_tables_flowtables\nlist in __nft_flowtable_type_get(). Therefore, there is pertential\ndata-race of nf_tables_flowtables list entry.\nUse list_for_each_entry_rcu() to iterate over nf_tables_flowtables list\nin __nft_flowtable_type_get(), and use rcu_read_lock() in the caller\nnft_flowtable_type_get() to protect the entire type query process."], "name": "CVE-2024-35898", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-05-19T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-35898\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-35898\nhttps://lore.kernel.org/linux-cve-announce/2024051951-CVE-2024-35898-a10e@gregkh/T"], "threat_severity": "Moderate"}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object