CVE-2024-39504
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-39504
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-39504.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2024-39504
- Downstream
- Related
- Published
- 2024-07-12T12:20:36.964Z
- Modified
- 2025-11-20T05:04:23.885557Z
- Summary
- netfilter: nft_inner: validate mandatory meta and payload
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nft_inner: validate mandatory meta and payload
Check for mandatory netlink attributes in payload and meta expression when used embedded from the inner expression, otherwise NULL pointer dereference is possible from userspace.
- References
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced3a07327d10a09379315c844c63f27941f5081e0aFixedb30669fdea0ca03aa22995e6c99f7e7d9dee89ff
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced3a07327d10a09379315c844c63f27941f5081e0aFixed39323f54cad29602917848346c71b087da92a19d
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced3a07327d10a09379315c844c63f27941f5081e0aFixedc4ab9da85b9df3692f861512fe6c9812f38b7471
Affected versions
v6.*
v6.1
v6.1-rc3
v6.1-rc4
v6.1-rc5
v6.1-rc6
v6.1-rc7
v6.1-rc8
v6.10-rc1
v6.10-rc2
v6.2
v6.2-rc1
v6.2-rc2
v6.2-rc3
v6.2-rc4
v6.2-rc5
v6.2-rc6
v6.2-rc7
v6.2-rc8
v6.3
v6.3-rc1
v6.3-rc2
v6.3-rc3
v6.3-rc4
v6.3-rc5
v6.3-rc6
v6.3-rc7
v6.4
v6.4-rc1
v6.4-rc2
v6.4-rc3
v6.4-rc4
v6.4-rc5
v6.4-rc6
v6.4-rc7
v6.5
v6.5-rc1
v6.5-rc2
v6.5-rc3
v6.5-rc4
v6.5-rc5
v6.5-rc6
v6.5-rc7
v6.6
v6.6-rc1
v6.6-rc2
v6.6-rc3
v6.6-rc4
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.6.1
v6.6.10
v6.6.11
v6.6.12
v6.6.13
v6.6.14
v6.6.15
v6.6.16
v6.6.17
v6.6.18
v6.6.19
v6.6.2
v6.6.20
v6.6.21
v6.6.22
v6.6.23
v6.6.24
v6.6.25
v6.6.26
v6.6.27
v6.6.28
v6.6.29
v6.6.3
v6.6.30
v6.6.31
v6.6.32
v6.6.33
v6.6.34
v6.6.4
v6.6.5
v6.6.6
v6.6.7
v6.6.8
v6.6.9
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.9
v6.9-rc1
v6.9-rc2
v6.9-rc3
v6.9-rc4
v6.9-rc5
v6.9-rc6
v6.9-rc7
v6.9.1
v6.9.2
v6.9.3
v6.9.4
v6.9.5
Database specific
vanir_signatures
[
{
"deprecated": false,
"target": {
"file": "net/netfilter/nft_payload.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"22430165962140740420932716654803149473",
"82274104663701615894140742164483829004",
"51561507254921817716378535960484574621"
]
},
"id": "CVE-2024-39504-21fbe80d",
"signature_type": "Line",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c4ab9da85b9df3692f861512fe6c9812f38b7471",
"signature_version": "v1"
},
{
"deprecated": false,
"target": {
"file": "net/netfilter/nft_payload.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"22430165962140740420932716654803149473",
"82274104663701615894140742164483829004",
"51561507254921817716378535960484574621"
]
},
"id": "CVE-2024-39504-7e185d7e",
"signature_type": "Line",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b30669fdea0ca03aa22995e6c99f7e7d9dee89ff",
"signature_version": "v1"
},
{
"deprecated": false,
"target": {
"file": "net/netfilter/nft_payload.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"22430165962140740420932716654803149473",
"82274104663701615894140742164483829004",
"51561507254921817716378535960484574621"
]
},
"id": "CVE-2024-39504-b58c0b72",
"signature_type": "Line",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@39323f54cad29602917848346c71b087da92a19d",
"signature_version": "v1"
}
]