CVE-2024-26925
- Source
- https://cve.org/CVERecord?id=CVE-2024-26925
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-26925.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2024-26925
- Downstream
- Related
- Published
- 2024-04-24T21:49:23.251Z
- Modified
- 2026-03-14T12:27:42.798103Z
- Summary
- netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nftables: release mutex after nftgcseqend from abort path
The commit mutex should not be released during the critical section between nftgcseqbegin() and nftgcseqend(), otherwise, async GC worker could collect expired objects and get the released commit lock within the same GC sequence.
nftablesmoduleautoload() temporarily releases the mutex to load module dependencies, then it goes back to replay the transaction again. Move it at the end of the abort phase after nftgcseqend() is called.
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/26xxx/CVE-2024-26925.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/0d459e2ffb541841714839e8228b845458ed3b27
- https://git.kernel.org/stable/c/2cee2ff7f8cce12a63a0a23ffe27f08d99541494
- https://git.kernel.org/stable/c/61ac7284346c32f9a8c8ceac56102f7914060428
- https://git.kernel.org/stable/c/8038ee3c3e5b59bcd78467686db5270c68544e30
- https://git.kernel.org/stable/c/8d3a58af50e46167b6f1db47adadad03c0045dae
- https://git.kernel.org/stable/c/a34ba4bdeec0c3b629160497594908dc820110f1
- https://git.kernel.org/stable/c/eb769ff4e281f751adcaf4f4445cbf30817be139
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/26xxx/CVE-2024-26925.json
- https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
- https://nvd.nist.gov/vuln/detail/CVE-2024-26925
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced4b6346dc1edfb9839d6edee7360ed31a22fa6c95Fixed61ac7284346c32f9a8c8ceac56102f7914060428
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced23292bdfda5f04e704a843b8f97b0eb95ace1ca6Fixed2cee2ff7f8cce12a63a0a23ffe27f08d99541494
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedb44a459c6561595ed7c3679599c5279204132b33Fixedeb769ff4e281f751adcaf4f4445cbf30817be139
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced5d319f7a81431c6bb32eb4dc7d7975f99e2c8c66Fixed8d3a58af50e46167b6f1db47adadad03c0045dae
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced720344340fb9be2765bbaab7b292ece0a4570eaeFixed8038ee3c3e5b59bcd78467686db5270c68544e30Fixeda34ba4bdeec0c3b629160497594908dc820110f1Fixed0d459e2ffb541841714839e8228b845458ed3b27
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedf85ca36090cbb252bcbc95fc74c2853fc792694fLast affectede07e68823116563bdbc49cef185cda6f463bc534