{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2024-26835", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-02-19T14:20:24.181Z", "datePublished": "2024-04-17T10:10:02.907Z", "dateUpdated": "2024-09-11T17:33:28.802Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-06-16T12:20:36.994Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: set dormant flag on hook register failure\n\nWe need to set the dormant flag again if we fail to register\nthe hooks.\n\nDuring memory pressure hook registration can fail and we end up\nwith a table marked as active but no registered hooks.\n\nOn table/base chain deletion, nf_tables will attempt to unregister\nthe hook again which yields a warn splat from the nftables core."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/netfilter/nf_tables_api.c"], "versions": [{"version": "bf8083bbf8fa", "lessThan": "a6411f3c48f9", "status": "affected", "versionType": "git"}, {"version": "e10f661adc55", "lessThan": "ae4360cbd385", "status": "affected", "versionType": "git"}, {"version": "d9c4da8cb74e", "lessThan": "31ea574aeca1", "status": "affected", "versionType": "git"}, {"version": "179d9ba5559a", "lessThan": "664264a5c55b", "status": "affected", "versionType": "git"}, {"version": "179d9ba5559a", "lessThan": "0c9302a6da26", "status": "affected", "versionType": "git"}, {"version": "179d9ba5559a", "lessThan": "f2135bbf1494", "status": "affected", "versionType": "git"}, {"version": "179d9ba5559a", "lessThan": "6f2496366426", "status": "affected", "versionType": "git"}, {"version": "179d9ba5559a", "lessThan": "bccebf647017", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/netfilter/nf_tables_api.c"], "versions": [{"version": "5.13", "status": "affected"}, {"version": "0", "lessThan": "5.13", "status": "unaffected", "versionType": "custom"}, {"version": "5.4.270", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.10.211", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.15.150", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.1.80", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.6.19", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.7.7", "lessThanOrEqual": "6.7.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.8", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/a6411f3c48f991c19aaf9a24fce36865fbba28d7"}, {"url": "https://git.kernel.org/stable/c/ae4360cbd385f0d7a8a86d5723e50448cc6318f3"}, {"url": "https://git.kernel.org/stable/c/31ea574aeca1aa488e18716459bde057217637af"}, {"url": "https://git.kernel.org/stable/c/664264a5c55bf97a9c571c557d477b75416199be"}, {"url": "https://git.kernel.org/stable/c/0c9302a6da262e6ab6a6c1d30f04a6130ed97376"}, {"url": "https://git.kernel.org/stable/c/f2135bbf14949687e96cabb13d8a91ae3deb9069"}, {"url": "https://git.kernel.org/stable/c/6f2496366426cec18ba53f1c7f6c3ac307ca6a95"}, {"url": "https://git.kernel.org/stable/c/bccebf64701735533c8db37773eeacc6566cc8ec"}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"}], "title": "netfilter: nf_tables: set dormant flag on hook register failure", "x_generator": {"engine": "bippy-a5840b7849dd"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:14:13.604Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/a6411f3c48f991c19aaf9a24fce36865fbba28d7", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ae4360cbd385f0d7a8a86d5723e50448cc6318f3", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/31ea574aeca1aa488e18716459bde057217637af", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/664264a5c55bf97a9c571c557d477b75416199be", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/0c9302a6da262e6ab6a6c1d30f04a6130ed97376", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/f2135bbf14949687e96cabb13d8a91ae3deb9069", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/6f2496366426cec18ba53f1c7f6c3ac307ca6a95", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/bccebf64701735533c8db37773eeacc6566cc8ec", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-26835", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:48:51.357992Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:33:28.802Z"}}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/a6411f3c48f991c19aaf9a24fce36865fbba28d7", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ae4360cbd385f0d7a8a86d5723e50448cc6318f3", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/31ea574aeca1aa488e18716459bde057217637af", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/664264a5c55bf97a9c571c557d477b75416199be", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/0c9302a6da262e6ab6a6c1d30f04a6130ed97376", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/f2135bbf14949687e96cabb13d8a91ae3deb9069", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/6f2496366426cec18ba53f1c7f6c3ac307ca6a95", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/bccebf64701735533c8db37773eeacc6566cc8ec", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:14:13.604Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-26835", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:48:51.357992Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:16.887Z"}}], "cna": {"title": "netfilter: nf_tables: set dormant flag on hook register failure", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "bf8083bbf8fa", "lessThan": "a6411f3c48f9", "versionType": "git"}, {"status": "affected", "version": "e10f661adc55", "lessThan": "ae4360cbd385", "versionType": "git"}, {"status": "affected", "version": "d9c4da8cb74e", "lessThan": "31ea574aeca1", "versionType": "git"}, {"status": "affected", "version": "179d9ba5559a", "lessThan": "664264a5c55b", "versionType": "git"}, {"status": "affected", "version": "179d9ba5559a", "lessThan": "0c9302a6da26", "versionType": "git"}, {"status": "affected", "version": "179d9ba5559a", "lessThan": "f2135bbf1494", "versionType": "git"}, {"status": "affected", "version": "179d9ba5559a", "lessThan": "6f2496366426", "versionType": "git"}, {"status": "affected", "version": "179d9ba5559a", "lessThan": "bccebf647017", "versionType": "git"}], "programFiles": ["net/netfilter/nf_tables_api.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "5.13"}, {"status": "unaffected", "version": "0", "lessThan": "5.13", "versionType": "custom"}, {"status": "unaffected", "version": "5.4.270", "versionType": "custom", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.211", "versionType": "custom", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.150", "versionType": "custom", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.80", "versionType": "custom", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.19", "versionType": "custom", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.7.7", "versionType": "custom", "lessThanOrEqual": "6.7.*"}, {"status": "unaffected", "version": "6.8", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["net/netfilter/nf_tables_api.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/a6411f3c48f991c19aaf9a24fce36865fbba28d7"}, {"url": "https://git.kernel.org/stable/c/ae4360cbd385f0d7a8a86d5723e50448cc6318f3"}, {"url": "https://git.kernel.org/stable/c/31ea574aeca1aa488e18716459bde057217637af"}, {"url": "https://git.kernel.org/stable/c/664264a5c55bf97a9c571c557d477b75416199be"}, {"url": "https://git.kernel.org/stable/c/0c9302a6da262e6ab6a6c1d30f04a6130ed97376"}, {"url": "https://git.kernel.org/stable/c/f2135bbf14949687e96cabb13d8a91ae3deb9069"}, {"url": "https://git.kernel.org/stable/c/6f2496366426cec18ba53f1c7f6c3ac307ca6a95"}, {"url": "https://git.kernel.org/stable/c/bccebf64701735533c8db37773eeacc6566cc8ec"}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"}], "x_generator": {"engine": "bippy-a5840b7849dd"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: set dormant flag on hook register failure\n\nWe need to set the dormant flag again if we fail to register\nthe hooks.\n\nDuring memory pressure hook registration can fail and we end up\nwith a table marked as active but no registered hooks.\n\nOn table/base chain deletion, nf_tables will attempt to unregister\nthe hook again which yields a warn splat from the nftables core."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-06-16T12:20:36.994Z"}}}, "cveMetadata": {"cveId": "CVE-2024-26835", "state": "PUBLISHED", "dateUpdated": "2024-09-11T17:33:28.802Z", "dateReserved": "2024-02-19T14:20:24.181Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-04-17T10:10:02.907Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: set dormant flag on hook register failure\n\nWe need to set the dormant flag again if we fail to register\nthe hooks.\n\nDuring memory pressure hook registration can fail and we end up\nwith a table marked as active but no registered hooks.\n\nOn table/base chain deletion, nf_tables will attempt to unregister\nthe hook again which yields a warn splat from the nftables core."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: netfilter: nf_tables: establece el indicador inactivo en caso de error en el registro del enlace. Necesitamos configurar el indicador inactivo nuevamente si no logramos registrar los enlaces. Durante la presi\u00f3n de la memoria, el registro de ganchos puede fallar y terminamos con una tabla marcada como activa pero sin ganchos registrados. Al eliminar la tabla/cadena base, nf_tables intentar\u00e1 cancelar el registro del gancho nuevamente, lo que genera un s\u00edmbolo de advertencia desde el n\u00facleo de nftables."}], "id": "CVE-2024-26835", "lastModified": "2024-06-25T23:15:26.347", "metrics": {}, "published": "2024-04-17T10:15:09.667", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/0c9302a6da262e6ab6a6c1d30f04a6130ed97376"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/31ea574aeca1aa488e18716459bde057217637af"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/664264a5c55bf97a9c571c557d477b75416199be"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/6f2496366426cec18ba53f1c7f6c3ac307ca6a95"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/a6411f3c48f991c19aaf9a24fce36865fbba28d7"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/ae4360cbd385f0d7a8a86d5723e50448cc6318f3"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/bccebf64701735533c8db37773eeacc6566cc8ec"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/f2135bbf14949687e96cabb13d8a91ae3deb9069"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: netfilter: nf_tables: set dormant flag on hook register failure", "id": "2275584", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275584"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.7", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-459", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nnetfilter: nf_tables: set dormant flag on hook register failure\nWe need to set the dormant flag again if we fail to register\nthe hooks.\nDuring memory pressure hook registration can fail and we end up\nwith a table marked as active but no registered hooks.\nOn table/base chain deletion, nf_tables will attempt to unregister\nthe hook again which yields a warn splat from the nftables core."], "name": "CVE-2024-26835", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-04-17T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-26835\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-26835\nhttps://lore.kernel.org/linux-cve-announce/2024041714-CVE-2024-26835-083d@gregkh/T"], "threat_severity": "Low", "upstream_fix": "kernel 5.4.270, kernel 5.10.211, kernel 5.15.150, kernel 6.1.80, kernel 6.6.19, kernel 6.7.7, kernel 6.8"}