CVE-2024-27017

MEDIUM

Linux kernel - Info Disclosure

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: walk over current view on netlink dump The generation mask can be updated while netlink dump is in progress. The pipapo set backend walk iterator cannot rely on it to infer what view of the datastructure is to be used. Add notation to specify if user wants to read/update the set. Based on patch from Florian Westphal.

References (11)

[Patch] https://git.kernel.org/stable/c/29b359cf6d95fd60730533f7f10464e95bd17c73

[Patch] https://git.kernel.org/stable/c/52735a010f37580b3a569a996f878fdd87425650

[Patch] https://git.kernel.org/stable/c/721715655c72640567e8742567520c99801148ed

[Patch] https://git.kernel.org/stable/c/ce9fef54c5ec9912a0c9a47bac3195cc41b14679

[Patch] https://git.kernel.org/stable/c/f24d8abc2bb8cbf31ec713336e402eafa8f42f60

[Patch] https://git.kernel.org/stable/c/ff89db14c63a827066446460e39226c0688ef786

[Mailing List] https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

[Mailing List] https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html

[Mailing List, Third Party Advisory] https://lists.fedoraproject.org/archives/list/[email protected]/message/4EZ6PJW7VOZ224TD7N4JZNU6KV32ZJ53/

[Mailing List, Third Party Advisory] https://lists.fedoraproject.org/archives/list/[email protected]/message/DAMSOZXJEPUOXW33WZYWCVAY7Z5S7OOY/

[Mailing List, Third Party Advisory] https://lists.fedoraproject.org/archives/list/[email protected]/message/GCBZZEC7L7KTWWAS2NLJK6SO3IZIL4WW/

Scores

CVSS v3 5.5

EPSS 0.0001

EPSS Percentile 1.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Classification

Status published

Affected Products (13)

linux/linux_kernel < 6.8.8

linux/linux_kernel

linux/linux_kernel

linux/linux_kernel

linux/linux_kernel

fedoraproject/fedora

fedoraproject/fedora

fedoraproject/fedora

linux/Kernel < 5.10.227linux

linux/Kernel < 5.15.168linux

linux/Kernel < 6.1.112linux

linux/Kernel < 6.6.53linux

linux/Kernel < 6.8.8linux

Timeline

Published May 01, 2024

Tracked Since Feb 18, 2026