DEBIAN-CVE-2024-6284

See a problem?
Please try reporting it to the source first.
Source
https://security-tracker.debian.org/tracker/CVE-2024-6284
Import Source
https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2024-6284.json
JSON Data
https://api.osv.dev/v1/vulns/DEBIAN-CVE-2024-6284
Upstream
Published
2024-07-03T23:15:02.333Z
Modified
2025-11-20T10:17:54.096041Z
Severity
  • 7.3 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L CVSS Calculator
Summary
[none]
Details

In https://github.com/google/nftables  IP addresses were encoded in the wrong byte order, resulting in an nftables configuration which does not work as intended (might block or not block the desired addresses). This issue affects:  https://pkg.go.dev/github.com/google/nftables@v0.1.0 The bug was fixed in the next released version:  https://pkg.go.dev/github.com/google/nftables@v0.2.0

References

Affected packages

Debian:12 / golang-github-google-nftables

Package

Name
golang-github-google-nftables
Purl
pkg:deb/debian/golang-github-google-nftables?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.1.0-4~deb12u1

Affected versions

0.*

0.1.0-3

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:13 / golang-github-google-nftables

Package

Name
golang-github-google-nftables
Purl
pkg:deb/debian/golang-github-google-nftables?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.1.0-4

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:14 / golang-github-google-nftables

Package

Name
golang-github-google-nftables
Purl
pkg:deb/debian/golang-github-google-nftables?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.1.0-4

Ecosystem specific 

{
    "urgency": "not yet assigned"
}