CVE-2024-1086

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-1086
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-1086.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-1086
Downstream
Related
Published
2024-01-31T13:15:10Z
Modified
2025-08-09T19:01:27Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.

The nftverdictinit() function allows positive values as drop error within the hook verdict, and hence the nfhookslow() function can cause a double free vulnerability when NFDROP is issued with a drop error which resembles NFACCEPT.

We recommend upgrading past commit f342de4e2f33e0e39165d8639387aa6c19dff660.

References

Affected packages