CVE-2024-27017

netfilter: nft_set_pipapo: walk over current view on netlink dump

Description

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: walk over current view on netlink dump The generation mask can be updated while netlink dump is in progress. The pipapo set backend walk iterator cannot rely on it to infer what view of the datastructure is to be used. Add notation to specify if user wants to read/update the set. Based on patch from Florian Westphal.

5.5
CVSS
Severity: Medium
CVSS 3.1 •
EPSS 0.07%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/ff89db14c63a827066446460e39226c0688ef786
https://git.kernel.org/stable/c/ce9fef54c5ec9912a0c9a47bac3195cc41b14679
https://git.kernel.org/stable/c/52735a010f37580b3a569a996f878fdd87425650
https://git.kernel.org/stable/c/f24d8abc2bb8cbf31ec713336e402eafa8f42f60
https://git.kernel.org/stable/c/721715655c72640567e8742567520c99801148ed patch
https://git.kernel.org/stable/c/29b359cf6d95fd60730533f7f10464e95bd17c73 patch

Frequently Asked Questions

What is the severity of CVE-2024-27017?
CVE-2024-27017 has been scored as a medium severity vulnerability.
How to fix CVE-2024-27017?
To fix CVE-2024-27017, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-27017 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2024-27017 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-27017?
CVE-2024-27017 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.