CVE-2024-26581

HIGH

Linux kernel - Info Disclosure

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: skip end interval element from gc rbtree lazy gc on insert might collect an end interval element that has been just added in this transactions, skip end interval elements that are not yet active.

Exploits (2)

nomisec SCANNER 2 stars

by madfxr · poc

https://github.com/madfxr/CVE-2024-26581-Checker

View Code ZIP pw:eip

nomisec

by laoqin1234 · poc

https://github.com/laoqin1234/Linux-Root-CVE-2024-26581-PoC

View on nomisec

References (9)

[Patch] https://git.kernel.org/stable/c/10e9cb39313627f2eae4cd70c4b742074e998fd8

[Patch] https://git.kernel.org/stable/c/1296c110c5a0b45a8fcf58e7d18bc5da61a565cb

[Patch] https://git.kernel.org/stable/c/2bab493a5624444ec6e648ad0d55a362bcb4c003

[Patch] https://git.kernel.org/stable/c/4cee42fcf54fec46b344681e7cc4f234bb22f85a

[Patch] https://git.kernel.org/stable/c/60c0c230c6f046da536d3df8b39a20b9a9fd6af0

[Patch] https://git.kernel.org/stable/c/6eb14441f10602fa1cf691da9d685718b68b78a9

[Patch] https://git.kernel.org/stable/c/b734f7a47aeb32a5ba298e4ccc16bb0c52b6dbf7

[Patch] https://git.kernel.org/stable/c/c60d252949caf9aba537525195edae6bbabc35eb

[Mailing List, Third Party Advisory] https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html

Scores

CVSS v3 7.8

EPSS 0.0029

EPSS Percentile 52.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

Status published

Products (8)

debian/debian_linux 10.0

linux/Kernel < 5.4.269linux

linux/Kernel 5.11.0 - 5.15.149linux

linux/Kernel 5.16.0 - 6.1.78linux

linux/Kernel 5.5.0 - 5.10.210linux

linux/Kernel 6.2.0 - 6.6.17linux

linux/Kernel 6.5.0 - 6.7.5linux

linux/linux_kernel 5.4.262 - 5.4.269

Published Feb 20, 2024

Tracked Since Feb 18, 2026