CVE-2024-26809

netfilter: nft_set_pipapo: release elements in clone only from destroy path

Description

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: release elements in clone only from destroy path Clone already always provides a current view of the lookup table, use it to destroy the set, otherwise it is possible to destroy elements twice. This fix requires: 212ed75dc5fb ("netfilter: nf_tables: integrate pipapo into commit protocol") which came after: 9827a0e6e23b ("netfilter: nft_set_pipapo: release elements in clone from abort path").

5.5
CVSS
Severity: Medium
CVSS 3.1 •
EPSS 0.01%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/b36b83297ff4910dfc8705402c8abffd4bbf8144 patch
https://git.kernel.org/stable/c/362508506bf545e9ce18c72a2c48dcbfb891ab9c patch
https://git.kernel.org/stable/c/5ad233dc731ab64cdc47b84a5c1f78fff6c024af patch
https://git.kernel.org/stable/c/ff90050771412b91e928093ccd8736ae680063c2 patch
https://git.kernel.org/stable/c/821e28d5b506e6a73ccc367ff792bd894050d48b patch
https://git.kernel.org/stable/c/9384b4d85c46ce839f51af01374062ce6318b2f2 patch
https://git.kernel.org/stable/c/b0e256f3dd2ba6532f37c5c22e07cb07a36031ee patch
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html mailing list

Frequently Asked Questions

What is the severity of CVE-2024-26809?
CVE-2024-26809 has been scored as a medium severity vulnerability.
How to fix CVE-2024-26809?
To fix CVE-2024-26809, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-26809 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2024-26809 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-26809?
CVE-2024-26809 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.