CVE-2024-26581

HIGH

Linux Kernel - Use-After-Free in nft_set_rbtree Lazy GC

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-26581. PoCs published by madfxr.

AI-analyzed exploit summary: This repository contains two bash scripts that check for the presence of CVE-2024-26581, a vulnerability affecting certain Linux kernel versions. The scripts verify kernel versions and nftables configurations to determine if the system is affected.

Description

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nft_set_rbtree: skip end interval element from gc

rbtree lazy gc on insert might collect an end interval element that has just been added in this transaction; skip end interval elements that are not yet active.

Exploits (1)

nomisec SCANNER 2 stars
by madfxr · poc
https://github.com/madfxr/CVE-2024-26581-Checker

Classification: Scanner 95%
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: Linux kernel (specific versions)
No auth needed
Prerequisites: Access to the target system's kernel version and nftables configuration
devstral-2 · analyzed Feb 16, 2026

Scores

CVSS v3 7.8
EPSS 0.0029
EPSS Percentile 52.6%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

Status published
Products (31)
debian/debian_linux 10.0
linux/Kernel < 5.4.269
linux/Kernel 5.11.0 - 5.15.149
linux/Kernel 5.16.0 - 6.1.78
linux/Kernel 5.5.0 - 5.10.210
linux/Kernel 6.2.0 - 6.6.17
linux/Kernel 6.5.0 - 6.7.5
Linux/Linux < 6.5
Linux/Linux 5.10.190 - 5.10.210
Linux/Linux 5.10.210 - 5.10.*
... and 21 more
Published Feb 20, 2024
Tracked Since Feb 18, 2026