{ "dataType": "CVE_RECORD", "cveMetadata": { "cveId": "CVE-2024-26643", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-02-19T14:20:24.137Z", "datePublished": "2024-03-21T10:43:44.103Z", "dateUpdated": "2026-05-23T15:36:19.531Z" }, "containers": { "cna": { "providerMetadata": { "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-23T15:36:19.531Z" }, "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout\n\nWhile the rhashtable set gc runs asynchronously, a race allows it to\ncollect elements from anonymous sets with timeouts while it is being\nreleased from the commit path.\n\nMingi Cho originally reported this issue in a different path in 6.1.x\nwith a pipapo set with low timeouts which is not possible upstream since\n7395dfacfff6 (\"netfilter: nf_tables: use timestamp to check for set\nelement timeout\").\n\nFix this by setting on the dead flag for anonymous sets to skip async gc\nin this case.\n\nAccording to 08e4c8c5919f (\"netfilter: nf_tables: mark newset as dead on\ntransaction abort\"), Florian plans to accelerate abort path by releasing\nobjects via workqueue, therefore, this sets on the dead flag for abort\npath too." } ], "affected": [ { "product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": [ "net/netfilter/nf_tables_api.c" ], "versions": [ { "version": "8da1b048f9a501d3d7d38c188ba09d7d0d5b8c27", "lessThan": "d75a589bb92af1abf3b779cfcd1977ca11b27033", "status": "affected", "versionType": "git" }, { "version": "bbdb3b65aa91aa0a32b212f27780b28987f2d94f", "lessThan": "edcf1a3f182ecf8b6b805f0ce90570ea98c5f6bf", "status": "affected", "versionType": "git" }, { "version": "448be0774882f95a74fa5eb7519761152add601b", "lessThan": "e2d45f467096e931044f0ab7634499879d851a5c", "status": "affected", "versionType": "git" }, { "version": "d19e8bf3ea4114dd21fc35da21f398203d7f7df1", "lessThan": "291cca35818bd52a407bc37ab45a15816039e363", "status": "affected", "versionType": "git" }, { "version": "ea3eb9f2192e4fc33b795673e56c97a21987f868", "lessThan": "406b0241d0eb598a0b330ab20ae325537d8d8163", "status": "affected", "versionType": "git" }, { "version": "5f68718b34a531a556f2f50300ead2862278da26", "lessThan": "b2d6f9a5b1cf968f1eaa71085ceeb09c2cb276b1", "status": "affected", "versionType": "git" }, { "version": "5f68718b34a531a556f2f50300ead2862278da26", "lessThan": "5224afbc30c3ca9ba23e752f0f138729b2c48dd8", "status": "affected", "versionType": "git" }, { "version": "5f68718b34a531a556f2f50300ead2862278da26", "lessThan": "552705a3650bbf46a22b1adedc1b04181490fc36", "status": "affected", "versionType": "git" }, { "version": "0624f190b5742a1527cd938295caa8dc5281d4cd", "status": "affected", "versionType": "git" }, { "version": "5.4.262", "lessThan": "5.4.274", "status": "affected", "versionType": "semver" }, { "version": "5.10.198", "lessThan": "5.10.215", "status": "affected", "versionType": "semver" }, { "version": "5.15.134", "lessThan": "5.15.154", "status": "affected", "versionType": "semver" }, { "version": "6.1.56", "lessThan": "6.1.84", "status": "affected", "versionType": "semver" }, { "version": "6.4.11", "lessThan": "6.5", "status": "affected", "versionType": "semver" } ] }, { "product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": [ "net/netfilter/nf_tables_api.c" ], "versions": [ { "version": "6.5", "status": "affected" }, { "version": "0", "lessThan": "6.5", "status": "unaffected", "versionType": "semver" }, { "version": "5.4.274", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver" }, { "version": "5.10.215", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver" }, { "version": "5.15.154", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver" }, { "version": "6.1.84", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver" }, { "version": "6.6.24", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver" }, { "version": "6.7.12", "lessThanOrEqual": "6.7.*", "status": "unaffected", "versionType": "semver" }, { "version": "6.8", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix" } ] } ], "cpeApplicability": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.4.262", "versionEndExcluding": "5.4.274" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.10.198", "versionEndExcluding": "5.10.215" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.15.134", "versionEndExcluding": "5.15.154" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.1.56", "versionEndExcluding": "6.1.84" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.5", "versionEndExcluding": "6.6.24" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.5", "versionEndExcluding": "6.7.12" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.5", "versionEndExcluding": "6.8" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.4.11" } ] } ] } ], "references": [ { "url": "https://git.kernel.org/stable/c/d75a589bb92af1abf3b779cfcd1977ca11b27033" }, { "url": "https://git.kernel.org/stable/c/edcf1a3f182ecf8b6b805f0ce90570ea98c5f6bf" }, { "url": "https://git.kernel.org/stable/c/e2d45f467096e931044f0ab7634499879d851a5c" }, { "url": "https://git.kernel.org/stable/c/291cca35818bd52a407bc37ab45a15816039e363" }, { "url": "https://git.kernel.org/stable/c/406b0241d0eb598a0b330ab20ae325537d8d8163" }, { "url": "https://git.kernel.org/stable/c/b2d6f9a5b1cf968f1eaa71085ceeb09c2cb276b1" }, { "url": "https://git.kernel.org/stable/c/5224afbc30c3ca9ba23e752f0f138729b2c48dd8" }, { "url": "https://git.kernel.org/stable/c/552705a3650bbf46a22b1adedc1b04181490fc36" } ], "title": "netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout", "x_generator": { "engine": "bippy-1.2.0" } }, "adp": [ { "metrics": [ { "other": { "type": "ssvc", "content": { "timestamp": "2024-06-21T16:08:32.631906Z", "id": "CVE-2024-26643", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "version": "2.0.3" } } } ], "title": "CISA ADP Vulnrichment", "providerMetadata": { "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-21T16:08:41.862Z" } }, { "providerMetadata": { "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:07:19.747Z" }, "title": "CVE Program Container", "references": [ { "url": "https://git.kernel.org/stable/c/d75a589bb92af1abf3b779cfcd1977ca11b27033", "tags": [ "x_transferred" ] }, { "url": "https://git.kernel.org/stable/c/edcf1a3f182ecf8b6b805f0ce90570ea98c5f6bf", "tags": [ "x_transferred" ] }, { "url": "https://git.kernel.org/stable/c/e2d45f467096e931044f0ab7634499879d851a5c", "tags": [ "x_transferred" ] }, { "url": "https://git.kernel.org/stable/c/291cca35818bd52a407bc37ab45a15816039e363", "tags": [ "x_transferred" ] }, { "url": "https://git.kernel.org/stable/c/406b0241d0eb598a0b330ab20ae325537d8d8163", "tags": [ "x_transferred" ] }, { "url": "https://git.kernel.org/stable/c/b2d6f9a5b1cf968f1eaa71085ceeb09c2cb276b1", "tags": [ "x_transferred" ] }, { "url": "https://git.kernel.org/stable/c/5224afbc30c3ca9ba23e752f0f138729b2c48dd8", "tags": [ "x_transferred" ] }, { "url": "https://git.kernel.org/stable/c/552705a3650bbf46a22b1adedc1b04181490fc36", "tags": [ "x_transferred" ] }, { "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "tags": [ "x_transferred" ] } ] }, { "x_adpType": "supplier", "providerMetadata": { "orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e", "shortName": "siemens-SADP", "dateUpdated": "2026-05-12T11:49:23.174Z" }, "affected": [ { "vendor": "Siemens", "product": "SIMATIC S7-1500 TM MFP - GNU/Linux subsystem", "versions": [ { "status": "affected", "version": "0", "lessThan": "*", "versionType": "custom" } ], "defaultStatus": "unknown" } ], "references": [ { "url": "https://cert-portal.siemens.com/productcert/html/ssa-265688.html" } ] } ] }, "dataVersion": "5.2" }