Lucene search
LinuxCVE-2024-26739HistoryApr 03, 2024 - 5:15 p.m.
CVE-2024-26739
2024-04-0317:15:51
Linux
web.nvd.nist.gov
33
linux kernel
vulnerability
resolution
net/sched
act_mirred
skb
tcf_mirred_forward
uaf
nvd
In the Linux kernel, the following vulnerability has been resolved:
net/sched: act_mirred: don’t override retval if we already lost the skb
If we’re redirecting the skb, and haven’t called tcf_mirred_forward(),
yet, we need to tell the core to drop the skb by setting the retcode
to SHOT. If we have called tcf_mirred_forward(), however, the skb
is out of our hands and returning SHOT will lead to UaF.
Move the retval override to the error path which actually need it.
Affected configurations
Node
linuxlinux_kernelRange4.19–6.6.19
ORlinuxlinux_kernelRange6.7.0–6.7.7
ORlinuxlinux_kernelRange6.8.0≥
| Vendor | Product | Version | CPE |
|---|---|---|---|
| linux | linux_kernel | * | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "unaffected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"net/sched/act_mirred.c"
],
"versions": [
{
"version": "e5cf1baf92cb",
"lessThan": "28cdbbd38a44",
"status": "affected",
"versionType": "git"
},
{
"version": "e5cf1baf92cb",
"lessThan": "f4e294bbdca8",
"status": "affected",
"versionType": "git"
},
{
"version": "e5cf1baf92cb",
"lessThan": "166c2c8a6a4d",
"status": "affected",
"versionType": "git"
}
]
},
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "affected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"net/sched/act_mirred.c"
],
"versions": [
{
"version": "4.19",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.19",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.19",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.7",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
]
}
]Related
redhatcve
redhatcve
CVE-2024-26739
2024-04-04 01:52:47
ubuntucve
ubuntucve
CVE-2024-26739
2024-04-03 00:00:00
cvelist
cvelist
debiancve
debiancve
CVE-2024-26739
2024-04-03 17:15:51
nvd
nvd
CVE-2024-26739
2024-04-03 17:15:51
vulnrichment
vulnrichment
nessus
nessus
SUSE SLES15 Security Update : kernel (SUSE-SU-2024:1650-1)
2024-05-16 00:00:00
RHEL 9 : kernel (RHSA-2024:4823)
2024-07-24 00:00:00
RHEL 9 : kernel-rt (RHSA-2024:4831)
2024-07-24 00:00:00
redhat
redhat
(RHSA-2024:4823) Important: kernel security update
2024-07-24 12:40:38
(RHSA-2024:4831) Important: kernel-rt security update
2024-07-24 12:51:56
openvas
openvas
openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2024:1642-1)
2024-05-24 00:00:00
openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2024:1647-1)
2024-05-24 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-2140)
2024-08-20 00:00:00
osv
osv
Security update for the Linux Kernel
2024-08-20 07:15:53