CVE-2024-26835

netfilter: nf_tables: set dormant flag on hook register failure

Description

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: set dormant flag on hook register failure We need to set the dormant flag again if we fail to register the hooks. During memory pressure hook registration can fail and we end up with a table marked as active but no registered hooks. On table/base chain deletion, nf_tables will attempt to unregister the hook again which yields a warn splat from the nftables core.

5.5
CVSS
Severity: Medium
CVSS 3.1 •
EPSS 0.04%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/a6411f3c48f991c19aaf9a24fce36865fbba28d7 patch
https://git.kernel.org/stable/c/ae4360cbd385f0d7a8a86d5723e50448cc6318f3 patch
https://git.kernel.org/stable/c/31ea574aeca1aa488e18716459bde057217637af patch
https://git.kernel.org/stable/c/664264a5c55bf97a9c571c557d477b75416199be patch
https://git.kernel.org/stable/c/0c9302a6da262e6ab6a6c1d30f04a6130ed97376 patch
https://git.kernel.org/stable/c/f2135bbf14949687e96cabb13d8a91ae3deb9069 patch
https://git.kernel.org/stable/c/6f2496366426cec18ba53f1c7f6c3ac307ca6a95 patch
https://git.kernel.org/stable/c/bccebf64701735533c8db37773eeacc6566cc8ec patch
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html mailing list

Frequently Asked Questions

What is the severity of CVE-2024-26835?
CVE-2024-26835 has been scored as a medium severity vulnerability.
How to fix CVE-2024-26835?
To fix CVE-2024-26835, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-26835 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2024-26835 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-26835?
CVE-2024-26835 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.