CVE-2024-6284

HIGH

google/nftables 0.1.0 - Improper Validation of Syntactic Correctness of Input

Title source: llm

Description

In https://github.com/google/nftables IP addresses were encoded in the wrong byte order, resulting in an nftables configuration which does not work as intended (might block or not block the desired addresses). This issue affects: https://pkg.go.dev/github.com/google/[email protected] The bug was fixed in the next released version: https://pkg.go.dev/github.com/google/[email protected]

References (3)

Core 3

Core References

Issue Tracking

https://bugs.launchpad.net/ubuntu/+source/crowdsec-firewall-bouncer/+bug/2069596

Exploit, Issue Tracking

https://github.com/crowdsecurity/cs-firewall-bouncer/issues/368

Exploit, Issue Tracking

https://github.com/google/nftables/issues/225

Scores

CVSS v3 7.3

EPSS 0.0029

EPSS Percentile 20.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-1286 CWE-1389

Status published

Products (2)

google/nftables 0.1.0

google/nftables 0.1.0 - 0.2.0Go

Published Jul 03, 2024

Tracked Since Feb 18, 2026