CVE-2024-44944

netfilter: ctnetlink: use helper function to calculate expect ID

Description

In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: use helper function to calculate expect ID Delete expectation path is missing a call to the nf_expect_get_id() helper function to calculate the expectation ID, otherwise LSB of the expectation object address is leaked to userspace.

Category

5.5
CVSS
Severity: Medium
CVSS 3.1 •
EPSS 0.06%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/66e7650dbbb8e236e781c670b167edc81e771450 patch
https://git.kernel.org/stable/c/64c0b8e64be8368617ef08dfc59a3160563a1435 patch
https://git.kernel.org/stable/c/eb4ca1a97e08ff5b920664ba292e576257e2d184 patch
https://git.kernel.org/stable/c/5e2c24f7b0911b15c29aefce760bcf770542fb61 patch
https://git.kernel.org/stable/c/24f407042cf90b0872de667460230d8d50c06c39 patch
https://git.kernel.org/stable/c/27662b46f2adaa52c1665a82af4b21c42c4337fd patch
https://git.kernel.org/stable/c/74de442b8e12a207c07953ee068009a7701aff8f patch
https://git.kernel.org/stable/c/782161895eb4ac45cf7cfa8db375bd4766cb8299 patch
https://www.zerodayinitiative.com/advisories/ZDI-24-1182/

Frequently Asked Questions

What is the severity of CVE-2024-44944?
CVE-2024-44944 has been scored as a medium severity vulnerability.
How to fix CVE-2024-44944?
To fix CVE-2024-44944, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-44944 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2024-44944 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-44944?
CVE-2024-44944 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.