{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2024-26809", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-02-19T14:20:24.179Z", "datePublished": "2024-04-04T09:51:51.245Z", "dateUpdated": "2026-05-11T20:04:35.495Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-11T20:04:35.495Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_set_pipapo: release elements in clone only from destroy path\n\nClone already always provides a current view of the lookup table, use it\nto destroy the set, otherwise it is possible to destroy elements twice.\n\nThis fix requires:\n\n 212ed75dc5fb (\"netfilter: nf_tables: integrate pipapo into commit protocol\")\n\nwhich came after:\n\n 9827a0e6e23b (\"netfilter: nft_set_pipapo: release elements in clone from abort path\")."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/netfilter/nft_set_pipapo.c"], "versions": [{"version": "4a6430b99f67842617c7208ca55a411e903ba03a", "lessThan": "b36b83297ff4910dfc8705402c8abffd4bbf8144", "status": "affected", "versionType": "git"}, {"version": "5ccecafc728b0df48263d5ac198220bcd79830bc", "lessThan": "362508506bf545e9ce18c72a2c48dcbfb891ab9c", "status": "affected", "versionType": "git"}, {"version": "9827a0e6e23bf43003cd3d5b7fb11baf59a35e1e", "lessThan": "5ad233dc731ab64cdc47b84a5c1f78fff6c024af", "status": "affected", "versionType": "git"}, {"version": "9827a0e6e23bf43003cd3d5b7fb11baf59a35e1e", "lessThan": "ff90050771412b91e928093ccd8736ae680063c2", "status": "affected", "versionType": "git"}, {"version": "9827a0e6e23bf43003cd3d5b7fb11baf59a35e1e", "lessThan": "821e28d5b506e6a73ccc367ff792bd894050d48b", "status": "affected", "versionType": "git"}, {"version": "9827a0e6e23bf43003cd3d5b7fb11baf59a35e1e", "lessThan": "9384b4d85c46ce839f51af01374062ce6318b2f2", "status": "affected", "versionType": "git"}, {"version": "9827a0e6e23bf43003cd3d5b7fb11baf59a35e1e", "lessThan": "b0e256f3dd2ba6532f37c5c22e07cb07a36031ee", "status": "affected", "versionType": "git"}, {"version": "d2b18d110685ce46ca1633b8ec586c685e243a51", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/netfilter/nft_set_pipapo.c"], "versions": [{"version": "5.19", "status": "affected"}, {"version": "0", "lessThan": "5.19", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.214", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.153", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.83", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.23", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.7.11", "lessThanOrEqual": "6.7.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.8.2", "lessThanOrEqual": "6.8.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.9", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.10.130", "versionEndExcluding": "5.10.214"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.15.54", "versionEndExcluding": "5.15.153"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.19", "versionEndExcluding": "6.1.83"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.19", "versionEndExcluding": "6.6.23"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.19", "versionEndExcluding": "6.7.11"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.19", "versionEndExcluding": "6.8.2"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.19", "versionEndExcluding": "6.9"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.18.11"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/b36b83297ff4910dfc8705402c8abffd4bbf8144"}, {"url": "https://git.kernel.org/stable/c/362508506bf545e9ce18c72a2c48dcbfb891ab9c"}, {"url": "https://git.kernel.org/stable/c/5ad233dc731ab64cdc47b84a5c1f78fff6c024af"}, {"url": "https://git.kernel.org/stable/c/ff90050771412b91e928093ccd8736ae680063c2"}, {"url": "https://git.kernel.org/stable/c/821e28d5b506e6a73ccc367ff792bd894050d48b"}, {"url": "https://git.kernel.org/stable/c/9384b4d85c46ce839f51af01374062ce6318b2f2"}, {"url": "https://git.kernel.org/stable/c/b0e256f3dd2ba6532f37c5c22e07cb07a36031ee"}], "title": "netfilter: nft_set_pipapo: release elements in clone only from destroy path", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:14:13.546Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/b36b83297ff4910dfc8705402c8abffd4bbf8144", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/362508506bf545e9ce18c72a2c48dcbfb891ab9c", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/5ad233dc731ab64cdc47b84a5c1f78fff6c024af", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ff90050771412b91e928093ccd8736ae680063c2", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/821e28d5b506e6a73ccc367ff792bd894050d48b", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/9384b4d85c46ce839f51af01374062ce6318b2f2", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/b0e256f3dd2ba6532f37c5c22e07cb07a36031ee", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-26809", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:50:40.137148Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:33:44.659Z"}}]}, "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/b36b83297ff4910dfc8705402c8abffd4bbf8144", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/362508506bf545e9ce18c72a2c48dcbfb891ab9c", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/5ad233dc731ab64cdc47b84a5c1f78fff6c024af", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ff90050771412b91e928093ccd8736ae680063c2", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/821e28d5b506e6a73ccc367ff792bd894050d48b", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/9384b4d85c46ce839f51af01374062ce6318b2f2", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/b0e256f3dd2ba6532f37c5c22e07cb07a36031ee", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:14:13.546Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-26809", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:50:40.137148Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:18.457Z"}}], "cna": {"title": "netfilter: nft_set_pipapo: release elements in clone only from destroy path", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "4a6430b99f67842617c7208ca55a411e903ba03a", "lessThan": "b36b83297ff4910dfc8705402c8abffd4bbf8144", "versionType": "git"}, {"status": "affected", "version": "5ccecafc728b0df48263d5ac198220bcd79830bc", "lessThan": "362508506bf545e9ce18c72a2c48dcbfb891ab9c", "versionType": "git"}, {"status": "affected", "version": "9827a0e6e23bf43003cd3d5b7fb11baf59a35e1e", "lessThan": "5ad233dc731ab64cdc47b84a5c1f78fff6c024af", "versionType": "git"}, {"status": "affected", "version": "9827a0e6e23bf43003cd3d5b7fb11baf59a35e1e", "lessThan": "ff90050771412b91e928093ccd8736ae680063c2", "versionType": "git"}, {"status": "affected", "version": "9827a0e6e23bf43003cd3d5b7fb11baf59a35e1e", "lessThan": "821e28d5b506e6a73ccc367ff792bd894050d48b", "versionType": "git"}, {"status": "affected", "version": "9827a0e6e23bf43003cd3d5b7fb11baf59a35e1e", "lessThan": "9384b4d85c46ce839f51af01374062ce6318b2f2", "versionType": "git"}, {"status": "affected", "version": "9827a0e6e23bf43003cd3d5b7fb11baf59a35e1e", "lessThan": "b0e256f3dd2ba6532f37c5c22e07cb07a36031ee", "versionType": "git"}, {"status": "affected", "version": "d2b18d110685ce46ca1633b8ec586c685e243a51", "versionType": "git"}], "programFiles": ["net/netfilter/nft_set_pipapo.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "5.19"}, {"status": "unaffected", "version": "0", "lessThan": "5.19", "versionType": "semver"}, {"status": "unaffected", "version": "5.10.214", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.153", "versionType": "semver", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.83", "versionType": "semver", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.23", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.7.11", "versionType": "semver", "lessThanOrEqual": "6.7.*"}, {"status": "unaffected", "version": "6.8.2", "versionType": "semver", "lessThanOrEqual": "6.8.*"}, {"status": "unaffected", "version": "6.9", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["net/netfilter/nft_set_pipapo.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/b36b83297ff4910dfc8705402c8abffd4bbf8144"}, {"url": "https://git.kernel.org/stable/c/362508506bf545e9ce18c72a2c48dcbfb891ab9c"}, {"url": "https://git.kernel.org/stable/c/5ad233dc731ab64cdc47b84a5c1f78fff6c024af"}, {"url": "https://git.kernel.org/stable/c/ff90050771412b91e928093ccd8736ae680063c2"}, {"url": "https://git.kernel.org/stable/c/821e28d5b506e6a73ccc367ff792bd894050d48b"}, {"url": "https://git.kernel.org/stable/c/9384b4d85c46ce839f51af01374062ce6318b2f2"}, {"url": "https://git.kernel.org/stable/c/b0e256f3dd2ba6532f37c5c22e07cb07a36031ee"}], "x_generator": {"engine": "bippy-1.2.0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_set_pipapo: release elements in clone only from destroy path\n\nClone already always provides a current view of the lookup table, use it\nto destroy the set, otherwise it is possible to destroy elements twice.\n\nThis fix requires:\n\n 212ed75dc5fb (\"netfilter: nf_tables: integrate pipapo into commit protocol\")\n\nwhich came after:\n\n 9827a0e6e23b (\"netfilter: nft_set_pipapo: release elements in clone from abort path\")."}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.10.214", "versionStartIncluding": "5.10.130"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.15.153", "versionStartIncluding": "5.15.54"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.1.83", "versionStartIncluding": "5.19"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.6.23", "versionStartIncluding": "5.19"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.7.11", "versionStartIncluding": "5.19"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.8.2", "versionStartIncluding": "5.19"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.9", "versionStartIncluding": "5.19"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionStartIncluding": "5.18.11"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-11T20:04:35.495Z"}}}, "cveMetadata": {"cveId": "CVE-2024-26809", "state": "PUBLISHED", "dateUpdated": "2026-05-11T20:04:35.495Z", "dateReserved": "2024-02-19T14:20:24.179Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-04-04T09:51:51.245Z", "assignerShortName": "Linux"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "22B07DEF-9858-4D7B-ACDE-078D5421F0D5", "versionEndExcluding": "5.10.214", "versionStartIncluding": "5.10.130", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "9C0EF0BE-4A28-471E-B665-E3CB7A66436C", "versionEndExcluding": "5.15.153", "versionStartIncluding": "5.15.54", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "2C0C1B61-8338-4B49-BB56-B33CD1C6BA3A", "versionEndExcluding": "6.1.83", "versionStartIncluding": "5.18.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "E00814DC-0BA7-431A-9926-80FEB4A96C68", "versionEndExcluding": "6.6.23", "versionStartIncluding": "6.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "9B95D3A6-E162-47D5-ABFC-F3FA74FA7CFD", "versionEndExcluding": "6.7.11", "versionStartIncluding": "6.7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "543A75FF-25B8-4046-A514-1EA8EDD87AB1", "versionEndExcluding": "6.8.2", "versionStartIncluding": "6.8", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_set_pipapo: release elements in clone only from destroy path\n\nClone already always provides a current view of the lookup table, use it\nto destroy the set, otherwise it is possible to destroy elements twice.\n\nThis fix requires:\n\n 212ed75dc5fb (\"netfilter: nf_tables: integrate pipapo into commit protocol\")\n\nwhich came after:\n\n 9827a0e6e23b (\"netfilter: nft_set_pipapo: release elements in clone from abort path\")."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: netfilter: nft_set_pipapo: libera elementos en el clon solo desde la ruta de destrucci\u00f3n. El clon ya siempre proporciona una vista actual de la tabla de b\u00fasqueda, \u00fasala para destruir el conjunto; de lo contrario, es posible destruir elementos. dos veces. Esta soluci\u00f3n requiere: 212ed75dc5fb (\"netfilter: nf_tables: integrar pipapo en el protocolo de confirmaci\u00f3n\") que vino despu\u00e9s: 9827a0e6e23b (\"netfilter: nft_set_pipapo: liberar elementos en clon desde la ruta de cancelaci\u00f3n\")."}], "id": "CVE-2024-26809", "lastModified": "2025-03-19T16:19:56.507", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-04-04T10:15:09.820", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/362508506bf545e9ce18c72a2c48dcbfb891ab9c"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/5ad233dc731ab64cdc47b84a5c1f78fff6c024af"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/821e28d5b506e6a73ccc367ff792bd894050d48b"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/9384b4d85c46ce839f51af01374062ce6318b2f2"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/b0e256f3dd2ba6532f37c5c22e07cb07a36031ee"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/b36b83297ff4910dfc8705402c8abffd4bbf8144"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/ff90050771412b91e928093ccd8736ae680063c2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/362508506bf545e9ce18c72a2c48dcbfb891ab9c"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/5ad233dc731ab64cdc47b84a5c1f78fff6c024af"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/821e28d5b506e6a73ccc367ff792bd894050d48b"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/9384b4d85c46ce839f51af01374062ce6318b2f2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/b0e256f3dd2ba6532f37c5c22e07cb07a36031ee"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/b36b83297ff4910dfc8705402c8abffd4bbf8144"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/ff90050771412b91e928093ccd8736ae680063c2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: netfilter: nft_set_pipapo: release elements in clone only from destroy path", "id": "2273402", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273402"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-416", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nnetfilter: nft_set_pipapo: release elements in clone only from destroy path\nClone already always provides a current view of the lookup table, use it\nto destroy the set, otherwise it is possible to destroy elements twice.\nThis fix requires:\n212ed75dc5fb (\"netfilter: nf_tables: integrate pipapo into commit protocol\")\nwhich came after:\n9827a0e6e23b (\"netfilter: nft_set_pipapo: release elements in clone from abort path\").", "A vulnerability was found in the Linux kernel's Netfilter subsystem. More specifically, the issue is related to the `nft_set_pipapo` function, where releasing elements from cloned structures occurs outside the intended destroy path. This improper handling could lead to resource leaks or stability issues."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-26809", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-04-04T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-26809\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-26809\nhttps://lore.kernel.org/linux-cve-announce/2024040401-CVE-2024-26809-b0d1@gregkh/T"], "statement": "Red Hat Enterprise Linux is not vulnerable to this CVE, as it does not affect the versions or configurations of the Linux kernel used in its distributions.", "threat_severity": "Moderate"}

{}